From 7c7b9d023cd466c1771068badc020dab36beb553 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Thu, 5 Apr 2012 14:49:11 -0500 Subject: Removed whitespaces from Java code. Whitespaces in Java code have been removed with the following command: find . -not -path .git -name *.java -exec sed -i 's/[[:blank:]]\+$//' {} \; Ticket #134 --- base/util/src/netscape/net/NetworkClient.java | 2 +- .../src/netscape/net/TransferProtocolClient.java | 2 +- base/util/src/netscape/net/smtp/SmtpClient.java | 2 +- .../src/netscape/security/acl/AclEntryImpl.java | 12 +- base/util/src/netscape/security/acl/AclImpl.java | 30 ++-- .../netscape/security/acl/AllPermissionsImpl.java | 4 +- base/util/src/netscape/security/acl/GroupImpl.java | 26 ++-- base/util/src/netscape/security/acl/OwnerImpl.java | 8 +- .../src/netscape/security/acl/PermissionImpl.java | 8 +- .../src/netscape/security/acl/PrincipalImpl.java | 6 +- .../src/netscape/security/acl/WorldGroupImpl.java | 4 +- .../extensions/AuthInfoAccessExtension.java | 10 +- .../CertificateRenewalWindowExtension.java | 6 +- .../security/extensions/CertificateScopeEntry.java | 4 +- .../extensions/CertificateScopeOfUseExtension.java | 6 +- .../security/extensions/GenericASN1Extension.java | 10 +- .../extensions/InhibitAnyPolicyExtension.java | 6 +- .../netscape/security/extensions/KerberosName.java | 8 +- .../security/extensions/NSCertTypeExtension.java | 14 +- .../extensions/SubjectInfoAccessExtension.java | 6 +- .../src/netscape/security/pkcs/ContentInfo.java | 2 +- base/util/src/netscape/security/pkcs/PKCS10.java | 24 ++-- .../netscape/security/pkcs/PKCS10Attribute.java | 24 ++-- .../netscape/security/pkcs/PKCS10Attributes.java | 10 +- base/util/src/netscape/security/pkcs/PKCS7.java | 26 ++-- base/util/src/netscape/security/pkcs/PKCS8Key.java | 20 +-- .../src/netscape/security/pkcs/PKCS9Attribute.java | 160 ++++++++++----------- .../netscape/security/pkcs/PKCS9Attributes.java | 26 ++-- .../src/netscape/security/pkcs/SignerInfo.java | 14 +- base/util/src/netscape/security/provider/DSA.java | 54 +++---- .../netscape/security/provider/DSAKeyFactory.java | 32 ++--- .../security/provider/DSAKeyPairGenerator.java | 26 ++-- .../security/provider/DSAParameterGenerator.java | 12 +- .../netscape/security/provider/DSAParameters.java | 6 +- .../netscape/security/provider/DSAPrivateKey.java | 8 +- .../netscape/security/provider/DSAPublicKey.java | 10 +- base/util/src/netscape/security/provider/MD5.java | 2 +- .../netscape/security/provider/RSAPublicKey.java | 18 +-- base/util/src/netscape/security/provider/SHA.java | 14 +- base/util/src/netscape/security/provider/Sun.java | 22 +-- .../netscape/security/util/ASN1CharStrConvMap.java | 22 +-- base/util/src/netscape/security/util/BigInt.java | 14 +- base/util/src/netscape/security/util/BitArray.java | 6 +- .../netscape/security/util/ByteArrayLexOrder.java | 6 +- .../netscape/security/util/ByteArrayTagOrder.java | 6 +- .../netscape/security/util/CertPrettyPrint.java | 4 +- .../src/netscape/security/util/CrlPrettyPrint.java | 4 +- .../src/netscape/security/util/DerEncoder.java | 4 +- .../src/netscape/security/util/DerInputBuffer.java | 2 +- .../src/netscape/security/util/DerInputStream.java | 26 ++-- .../netscape/security/util/DerOutputStream.java | 48 +++---- base/util/src/netscape/security/util/DerValue.java | 56 ++++---- .../src/netscape/security/util/ExtPrettyPrint.java | 4 +- .../netscape/security/util/IA5CharsetDecoder.java | 2 +- .../netscape/security/util/IA5CharsetEncoder.java | 2 +- .../netscape/security/util/ObjectIdentifier.java | 18 +-- .../netscape/security/util/PrettyPrintFormat.java | 6 +- .../security/util/PrettyPrintResources.java | 2 +- .../security/util/PrintableCharsetDecoder.java | 2 +- .../security/util/PrintableCharsetEncoder.java | 2 +- .../netscape/security/util/PubKeyPrettyPrint.java | 4 +- .../security/util/UniversalCharsetDecoder.java | 2 +- .../security/util/UniversalCharsetEncoder.java | 2 +- .../src/netscape/security/x509/ACertAttrSet.java | 28 ++-- base/util/src/netscape/security/x509/AVA.java | 42 +++--- .../netscape/security/x509/AVAValueConverter.java | 24 ++-- .../util/src/netscape/security/x509/Attribute.java | 32 ++--- .../x509/AuthorityKeyIdentifierExtension.java | 18 +-- .../security/x509/BasicConstraintsExtension.java | 16 +-- base/util/src/netscape/security/x509/CPSuri.java | 8 +- .../security/x509/CRLDistributionPoint.java | 10 +- .../x509/CRLDistributionPointsExtension.java | 12 +- .../src/netscape/security/x509/CRLExtensions.java | 14 +- .../netscape/security/x509/CRLNumberExtension.java | 16 +-- .../netscape/security/x509/CRLReasonExtension.java | 14 +- .../src/netscape/security/x509/CertAndKeyGen.java | 32 ++--- .../src/netscape/security/x509/CertAttrSet.java | 28 ++-- .../src/netscape/security/x509/CertException.java | 4 +- .../src/netscape/security/x509/CertParseError.java | 2 +- .../security/x509/CertificateAlgorithmId.java | 12 +- .../netscape/security/x509/CertificateChain.java | 10 +- .../security/x509/CertificateExtensions.java | 16 +-- .../security/x509/CertificateIssuerExtension.java | 14 +- .../security/x509/CertificateIssuerName.java | 12 +- .../x509/CertificateIssuerUniqueIdentity.java | 14 +- .../x509/CertificatePoliciesExtension.java | 18 +-- .../security/x509/CertificatePolicyId.java | 8 +- .../security/x509/CertificatePolicyInfo.java | 8 +- .../security/x509/CertificatePolicyMap.java | 8 +- .../security/x509/CertificatePolicySet.java | 8 +- .../security/x509/CertificateSerialNumber.java | 16 +-- .../security/x509/CertificateSubjectName.java | 14 +- .../x509/CertificateSubjectUniqueIdentity.java | 14 +- .../security/x509/CertificateValidity.java | 18 +-- .../netscape/security/x509/CertificateVersion.java | 14 +- .../netscape/security/x509/CertificateX509Key.java | 12 +- base/util/src/netscape/security/x509/DNSName.java | 8 +- .../security/x509/DeltaCRLIndicatorExtension.java | 16 +-- .../netscape/security/x509/DirStrConverter.java | 22 +-- .../src/netscape/security/x509/DisplayText.java | 6 +- .../src/netscape/security/x509/EDIPartyName.java | 12 +- .../util/src/netscape/security/x509/Extension.java | 14 +- .../src/netscape/security/x509/Extensions.java | 14 +- .../security/x509/FreshestCRLExtension.java | 12 +- .../src/netscape/security/x509/GeneralName.java | 16 +-- .../security/x509/GeneralNameInterface.java | 4 +- .../src/netscape/security/x509/GeneralNames.java | 12 +- .../security/x509/GeneralNamesException.java | 4 +- .../src/netscape/security/x509/GeneralSubtree.java | 10 +- .../netscape/security/x509/GeneralSubtrees.java | 10 +- .../security/x509/GenericValueConverter.java | 24 ++-- .../security/x509/HoldInstructionExtension.java | 22 +-- .../netscape/security/x509/IA5StringConverter.java | 30 ++-- .../src/netscape/security/x509/IPAddressName.java | 16 +-- .../security/x509/InvalidityDateExtension.java | 14 +- .../x509/IssuerAlternativeNameExtension.java | 16 +-- .../security/x509/IssuingDistributionPoint.java | 24 ++-- .../x509/IssuingDistributionPointExtension.java | 22 +-- .../src/netscape/security/x509/KeyIdentifier.java | 8 +- .../netscape/security/x509/KeyUsageExtension.java | 18 +-- .../netscape/security/x509/LdapDNStrConverter.java | 26 ++-- .../security/x509/LdapV3DNStrConverter.java | 76 +++++----- .../security/x509/NSCCommentExtension.java | 12 +- .../security/x509/NameConstraintsExtension.java | 12 +- .../netscape/security/x509/NoticeReference.java | 6 +- base/util/src/netscape/security/x509/OIDMap.java | 12 +- base/util/src/netscape/security/x509/OIDName.java | 8 +- .../util/src/netscape/security/x509/OtherName.java | 18 +-- .../src/netscape/security/x509/PKIXExtensions.java | 10 +- .../netscape/security/x509/PolicyConstraint.java | 8 +- .../security/x509/PolicyConstraintsExtension.java | 14 +- .../security/x509/PolicyMappingsExtension.java | 16 +-- .../security/x509/PolicyQualifierInfo.java | 10 +- .../netscape/security/x509/PolicyQualifiers.java | 10 +- .../netscape/security/x509/PrintableConverter.java | 22 +-- .../security/x509/PrivateKeyUsageExtension.java | 34 ++--- .../util/src/netscape/security/x509/Qualifier.java | 8 +- base/util/src/netscape/security/x509/RDN.java | 34 ++--- .../security/x509/RFC1779StrConverter.java | 16 +-- .../src/netscape/security/x509/RFC822Name.java | 8 +- .../src/netscape/security/x509/ReasonFlags.java | 18 +-- .../netscape/security/x509/RevocationReason.java | 6 +- .../netscape/security/x509/RevokedCertImpl.java | 40 +++--- .../netscape/security/x509/RevokedCertificate.java | 16 +-- .../src/netscape/security/x509/SerialNumber.java | 14 +- .../x509/SubjectAlternativeNameExtension.java | 16 +-- .../x509/SubjectDirAttributesExtension.java | 30 ++-- .../x509/SubjectKeyIdentifierExtension.java | 16 +-- base/util/src/netscape/security/x509/URIName.java | 8 +- .../src/netscape/security/x509/UniqueIdentity.java | 12 +- .../src/netscape/security/x509/UserNotice.java | 6 +- base/util/src/netscape/security/x509/X500Name.java | 60 ++++---- .../netscape/security/x509/X500NameAttrMap.java | 44 +++--- .../netscape/security/x509/X509AttributeName.java | 4 +- .../src/netscape/security/x509/X509CRLImpl.java | 96 ++++++------- base/util/src/netscape/security/x509/X509Cert.java | 58 ++++---- .../src/netscape/security/x509/X509CertImpl.java | 106 +++++++------- .../src/netscape/security/x509/X509CertInfo.java | 58 ++++---- .../security/x509/X509ExtensionException.java | 4 +- base/util/src/netscape/security/x509/X509Key.java | 46 +++--- 160 files changed, 1408 insertions(+), 1408 deletions(-) (limited to 'base/util/src/netscape') diff --git a/base/util/src/netscape/net/NetworkClient.java b/base/util/src/netscape/net/NetworkClient.java index ae8cdfcf4..f54ef7698 100644 --- a/base/util/src/netscape/net/NetworkClient.java +++ b/base/util/src/netscape/net/NetworkClient.java @@ -27,7 +27,7 @@ import java.net.UnknownHostException; /** * This is the base class for network clients. - * + * * @version 1.21, 08/07/97 * @author Jonathan Payne */ diff --git a/base/util/src/netscape/net/TransferProtocolClient.java b/base/util/src/netscape/net/TransferProtocolClient.java index 76e3a9c21..587ec85a1 100644 --- a/base/util/src/netscape/net/TransferProtocolClient.java +++ b/base/util/src/netscape/net/TransferProtocolClient.java @@ -23,7 +23,7 @@ import java.util.Vector; /** * This class implements that basic intefaces of transfer protocols. * It is used by subclasses implementing specific protocols. - * + * * @version 1.25, 08/07/97 * @author Jonathan Payne */ diff --git a/base/util/src/netscape/net/smtp/SmtpClient.java b/base/util/src/netscape/net/smtp/SmtpClient.java index 40b927b8f..bebeded3d 100644 --- a/base/util/src/netscape/net/smtp/SmtpClient.java +++ b/base/util/src/netscape/net/smtp/SmtpClient.java @@ -31,7 +31,7 @@ import netscape.net.TransferProtocolClient; * sender, calling startMessage to return a stream to which you write * the message (with RFC733 headers) and then you finally close the Smtp * Client. - * + * * @version 1.17, 12 Dec 1994 * @author James Gosling */ diff --git a/base/util/src/netscape/security/acl/AclEntryImpl.java b/base/util/src/netscape/security/acl/AclEntryImpl.java index 46365f5d8..878eacb68 100644 --- a/base/util/src/netscape/security/acl/AclEntryImpl.java +++ b/base/util/src/netscape/security/acl/AclEntryImpl.java @@ -28,7 +28,7 @@ import java.util.Vector; * This is a class that describes one entry that associates users * or groups with permissions in the ACL. * The entry may be used as a way of granting or denying permissions. - * + * * @author Satish Dharmaraj */ public class AclEntryImpl implements AclEntry { @@ -39,7 +39,7 @@ public class AclEntryImpl implements AclEntry { /** * Construct an ACL entry that associates a user with permissions * in the ACL. - * + * * @param user The user that is associated with this entry. */ public AclEntryImpl(Principal user) { @@ -56,7 +56,7 @@ public class AclEntryImpl implements AclEntry { * Sets the principal in the entity. If a group or a * principal had already been set, a false value is * returned, otherwise a true value is returned. - * + * * @param user The user that is associated with this entry. * @return true if the principal is set, false if there is * one already. @@ -87,7 +87,7 @@ public class AclEntryImpl implements AclEntry { /** * A principal or a group can be associated with multiple * permissions. This method adds a permission to the ACL entry. - * + * * @param permission The permission to be associated with * the principal or the group in the entry. * @return true if the permission was added, false if the @@ -106,7 +106,7 @@ public class AclEntryImpl implements AclEntry { /** * The method disassociates the permission from the Principal * or the Group in this ACL entry. - * + * * @param permission The permission to be disassociated with * the principal or the group in the entry. * @return true if the permission is removed, false if the @@ -119,7 +119,7 @@ public class AclEntryImpl implements AclEntry { /** * Checks if the passed permission is part of the allowed * permission set in this entry. - * + * * @param permission The permission that has to be part of * the permission set in the entry. * @return true if the permission passed is part of the diff --git a/base/util/src/netscape/security/acl/AclImpl.java b/base/util/src/netscape/security/acl/AclImpl.java index 76750b7b9..75ff02083 100644 --- a/base/util/src/netscape/security/acl/AclImpl.java +++ b/base/util/src/netscape/security/acl/AclImpl.java @@ -30,7 +30,7 @@ import java.util.Vector; /** * An Access Control List (ACL) is encapsulated by this class. - * + * * @author Satish Dharmaraj */ public class AclImpl extends OwnerImpl implements Acl { @@ -59,7 +59,7 @@ public class AclImpl extends OwnerImpl implements Acl { /** * Sets the name of the ACL. - * + * * @param caller the principal who is invoking this method. * @param name the name of the ACL. * @exception NotOwnerException if the caller principal is @@ -75,7 +75,7 @@ public class AclImpl extends OwnerImpl implements Acl { /** * Returns the name of the ACL. - * + * * @return the name of the ACL. */ public String getName() { @@ -90,7 +90,7 @@ public class AclImpl extends OwnerImpl implements Acl { * or positive) already in the table, a false value is returned. * The caller principal must be a part of the owners list of * the ACL in order to invoke this method. - * + * * @param caller the principal who is invoking this method. * @param entry the ACL entry that must be added to the ACL. * @return true on success, false if the entry is already present. @@ -116,7 +116,7 @@ public class AclImpl extends OwnerImpl implements Acl { * Removes an ACL entry from this ACL. * The caller principal must be a part of the owners list of the ACL * in order to invoke this method. - * + * * @param caller the principal who is invoking this method. * @param entry the ACL entry that must be removed from the ACL. * @return true on success, false if the entry is not part of the ACL. @@ -139,10 +139,10 @@ public class AclImpl extends OwnerImpl implements Acl { * This method returns the set of allowed permissions for the * specified principal. This set of allowed permissions is calculated * as follows: - * + * * If there is no entry for a group or a principal an empty permission * set is assumed. - * + * * The group positive permission set is the union of all * the positive permissions of each group that the individual belongs to. * The group negative permission set is the union of all @@ -151,18 +151,18 @@ public class AclImpl extends OwnerImpl implements Acl { * the postive permission set and the negative permission set, * it is removed from both. The group positive and negatoive permission * sets are calculated. - * + * * The individial positive permission set and the individual negative * permission set is then calculated. Again abscence of an entry means * the empty set. - * + * * The set of permissions granted to the principal is then calculated using * the simple rule: Individual permissions always override the Group permissions. * Specifically, individual negative permission set (specific * denial of permissions) overrides the group positive permission set. * And the individual positive permission set override the group negative * permission set. - * + * * @param user the principal for which the ACL entry is returned. * @return The resulting permission set that the principal is allowed. */ @@ -211,7 +211,7 @@ public class AclImpl extends OwnerImpl implements Acl { * permission false is returned, a true value is returned otherwise. * This method does not authenticate the principal. It presumes that * the principal is a valid authenticated principal. - * + * * @param principal the name of the authenticated principal * @param permission the permission that the principal must have. * @return true of the principal has the permission desired, false @@ -253,10 +253,10 @@ public class AclImpl extends OwnerImpl implements Acl { } // - // Find the table that this entry belongs to. There are 4 - // tables that are maintained. One each for postive and - // negative ACLs and one each for groups and users. - // This method figures out which + // Find the table that this entry belongs to. There are 4 + // tables that are maintained. One each for postive and + // negative ACLs and one each for groups and users. + // This method figures out which // table is the one that this AclEntry belongs to. // private Hashtable findTable(AclEntry entry) { diff --git a/base/util/src/netscape/security/acl/AllPermissionsImpl.java b/base/util/src/netscape/security/acl/AllPermissionsImpl.java index f2b57742f..df3ff6451 100644 --- a/base/util/src/netscape/security/acl/AllPermissionsImpl.java +++ b/base/util/src/netscape/security/acl/AllPermissionsImpl.java @@ -21,7 +21,7 @@ import java.security.acl.Permission; /** * This class implements the principal interface for the set of all permissions. - * + * * @author Satish Dharmaraj */ public class AllPermissionsImpl extends PermissionImpl { @@ -33,7 +33,7 @@ public class AllPermissionsImpl extends PermissionImpl { /** * This function returns true if the permission passed matches the permission represented in * this interface. - * + * * @param another The Permission object to compare with. * @return true always */ diff --git a/base/util/src/netscape/security/acl/GroupImpl.java b/base/util/src/netscape/security/acl/GroupImpl.java index ed087a544..d28e83f00 100644 --- a/base/util/src/netscape/security/acl/GroupImpl.java +++ b/base/util/src/netscape/security/acl/GroupImpl.java @@ -24,7 +24,7 @@ import java.util.Vector; /** * This class implements a group of principals. - * + * * @author Satish Dharmaraj */ public class GroupImpl implements Group { @@ -33,7 +33,7 @@ public class GroupImpl implements Group { /** * Constructs a Group object with no members. - * + * * @param groupName the name of the group */ public GroupImpl(String groupName) { @@ -42,7 +42,7 @@ public class GroupImpl implements Group { /** * adds the specified member to the group. - * + * * @param user The principal to add to the group. * @return true if the member was added - false if the * member could not be added. @@ -61,7 +61,7 @@ public class GroupImpl implements Group { /** * removes the specified member from the group. - * + * * @param user The principal to remove from the group. * @param true if the principal was removed false if * the principal was not a member @@ -80,7 +80,7 @@ public class GroupImpl implements Group { /** * This function returns true if the group passed matches * the group represented in this interface. - * + * * @param another The group to compare this group to. */ public boolean equals(Group another) { @@ -103,7 +103,7 @@ public class GroupImpl implements Group { /** * returns true if the passed principal is a member of the group. - * + * * @param member The principal whose membership must be checked for. * @return true if the principal is a member of this group, * false otherwise @@ -133,7 +133,7 @@ public class GroupImpl implements Group { // // This function is the recursive search of groups for this // implementation of the Group. The search proceeds building up - // a vector of already seen groups. Only new groups are considered, + // a vector of already seen groups. Only new groups are considered, // thereby avoiding loops. // boolean isMemberRecurse(Principal member, Vector alreadySeen) { @@ -147,12 +147,12 @@ public class GroupImpl implements Group { return true; } else if (p instanceof GroupImpl) { // - // if not recurse if the group has not been checked already. - // Can call method in this package only if the object is an - // instance of this class. Otherwise call the method defined - // in the interface. (This can lead to a loop if a mixture of - // implementations form a loop, but we live with this improbable - // case rather than clutter the interface by forcing the + // if not recurse if the group has not been checked already. + // Can call method in this package only if the object is an + // instance of this class. Otherwise call the method defined + // in the interface. (This can lead to a loop if a mixture of + // implementations form a loop, but we live with this improbable + // case rather than clutter the interface by forcing the // implementation of this method.) // GroupImpl g = (GroupImpl) p; diff --git a/base/util/src/netscape/security/acl/OwnerImpl.java b/base/util/src/netscape/security/acl/OwnerImpl.java index 3f47a1dd8..0e6e13e52 100644 --- a/base/util/src/netscape/security/acl/OwnerImpl.java +++ b/base/util/src/netscape/security/acl/OwnerImpl.java @@ -28,7 +28,7 @@ import java.util.Enumeration; * Class implementing the Owner interface. The * initial owner principal is configured as * part of the constructor. - * + * * @author Satish Dharmaraj */ public class OwnerImpl implements Owner { @@ -45,7 +45,7 @@ public class OwnerImpl implements Owner { * The caller principal must be a part of the owners list of the ACL in * order to invoke this method. The initial owner is configured * at ACL construction time. - * + * * @param caller the principal who is invoking this method. * @param owner The owner that should be added to the owners list. * @return true if success, false if already an owner. @@ -66,7 +66,7 @@ public class OwnerImpl implements Owner { * raised. * The caller principal must be a part of the owners list of the ACL in * order to invoke this method. - * + * * @param caller the principal who is invoking this method. * @param owner The owner to be removed from the owners list. * @return true if the owner is removed, false if the owner is not part @@ -95,7 +95,7 @@ public class OwnerImpl implements Owner { /** * returns if the given principal belongs to the owner list. - * + * * @param owner The owner to check if part of the owners list * @return true if the passed principal is in the owner list, false if not. */ diff --git a/base/util/src/netscape/security/acl/PermissionImpl.java b/base/util/src/netscape/security/acl/PermissionImpl.java index 2e73d3c7e..b20570a81 100644 --- a/base/util/src/netscape/security/acl/PermissionImpl.java +++ b/base/util/src/netscape/security/acl/PermissionImpl.java @@ -22,7 +22,7 @@ import java.security.acl.Permission; /** * The PermissionImpl class implements the permission * interface for permissions that are strings. - * + * * @author Satish Dharmaraj */ public class PermissionImpl implements Permission { @@ -31,7 +31,7 @@ public class PermissionImpl implements Permission { /** * Construct a permission object using a string. - * + * * @param permission the stringified version of the permission. */ public PermissionImpl(String permission) { @@ -41,7 +41,7 @@ public class PermissionImpl implements Permission { /** * This function returns true if the object passed matches the permission * represented in this interface. - * + * * @param another The Permission object to compare with. * @return true if the Permission objects are equal, false otherwise */ @@ -56,7 +56,7 @@ public class PermissionImpl implements Permission { /** * Prints a stringified version of the permission. - * + * * @return the string representation of the Permission. */ public String toString() { diff --git a/base/util/src/netscape/security/acl/PrincipalImpl.java b/base/util/src/netscape/security/acl/PrincipalImpl.java index 25fa11095..54de845d0 100644 --- a/base/util/src/netscape/security/acl/PrincipalImpl.java +++ b/base/util/src/netscape/security/acl/PrincipalImpl.java @@ -21,7 +21,7 @@ import java.security.Principal; /** * This class implements the principal interface. - * + * * @author Satish Dharmaraj */ public class PrincipalImpl implements Principal { @@ -30,7 +30,7 @@ public class PrincipalImpl implements Principal { /** * Construct a principal from a string user name. - * + * * @param user The string form of the principal name. */ public PrincipalImpl(String user) { @@ -40,7 +40,7 @@ public class PrincipalImpl implements Principal { /** * This function returns true if the object passed matches * the principal represented in this implementation - * + * * @param another the Principal to compare with. * @return true if the Principal passed is the same as that * encapsulated in this object, false otherwise diff --git a/base/util/src/netscape/security/acl/WorldGroupImpl.java b/base/util/src/netscape/security/acl/WorldGroupImpl.java index 2f885cbec..a8eea8a7e 100644 --- a/base/util/src/netscape/security/acl/WorldGroupImpl.java +++ b/base/util/src/netscape/security/acl/WorldGroupImpl.java @@ -21,7 +21,7 @@ import java.security.Principal; /** * This class implements a group of principals. - * + * * @author Satish Dharmaraj */ public class WorldGroupImpl extends GroupImpl { @@ -32,7 +32,7 @@ public class WorldGroupImpl extends GroupImpl { /** * returns true for all passed principals - * + * * @param member The principal whose membership must be checked in this Group. * @return true always since this is the "world" group. */ diff --git a/base/util/src/netscape/security/extensions/AuthInfoAccessExtension.java b/base/util/src/netscape/security/extensions/AuthInfoAccessExtension.java index b8e2933dd..13f8007ed 100644 --- a/base/util/src/netscape/security/extensions/AuthInfoAccessExtension.java +++ b/base/util/src/netscape/security/extensions/AuthInfoAccessExtension.java @@ -41,7 +41,7 @@ import netscape.security.x509.URIName; /** * This represents the authority information access extension * as defined in RFC2459. - * + * * id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) dod(6) * internet(1) security(5) mechanisms(5) * pkix(7) } } @@ -55,11 +55,11 @@ import netscape.security.x509.URIName; * id-ad OBJECT IDENTIFIER ::= { id-pkix 48 } * id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 } * id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 } - * + * * Need to make sure the following is added to CMS.cfg: * oidmap.auth_info_access.class=com.netscape.certsrv.cert.AuthInfoAccessExtension * oidmap.auth_info_access.oid=1.3.6.1.5.5.7.1.1 - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -83,7 +83,7 @@ public class AuthInfoAccessExtension extends Extension implements CertAttrSet { /** * Create the extension from the passed DER encoded value of the same. - * + * * @param critical true if the extension is to be treated as critical. * @param value Array of DER encoded bytes of the actual value. * @exception IOException on error. @@ -201,7 +201,7 @@ public class AuthInfoAccessExtension extends Extension implements CertAttrSet { /** * Write the extension to the DerOutputStream. - * + * * @param out the DerOutputStream to write the extension to. * @exception IOException on encoding errors. */ diff --git a/base/util/src/netscape/security/extensions/CertificateRenewalWindowExtension.java b/base/util/src/netscape/security/extensions/CertificateRenewalWindowExtension.java index 018fd71c8..f659cd1ad 100644 --- a/base/util/src/netscape/security/extensions/CertificateRenewalWindowExtension.java +++ b/base/util/src/netscape/security/extensions/CertificateRenewalWindowExtension.java @@ -33,11 +33,11 @@ import netscape.security.x509.Extension; /** * This represents the CertificateRenewalWindow extension * as defined in draft-thayes-cert-renewal-00 - * + * * CertificateRenewalWindow ::= SEQUENCE { * beginTime GeneralizedTime, * endTime GeneralizedTime OPTIONAL } - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -161,7 +161,7 @@ public class CertificateRenewalWindowExtension extends Extension /** * Write the extension to the DerOutputStream. - * + * * @param out the DerOutputStream to write the extension to. * @exception IOException on encoding errors. */ diff --git a/base/util/src/netscape/security/extensions/CertificateScopeEntry.java b/base/util/src/netscape/security/extensions/CertificateScopeEntry.java index 527093ccf..0e16a1d35 100644 --- a/base/util/src/netscape/security/extensions/CertificateScopeEntry.java +++ b/base/util/src/netscape/security/extensions/CertificateScopeEntry.java @@ -27,13 +27,13 @@ import netscape.security.x509.GeneralName; /** * This represents the CertificateScopeOfUse extension * as defined in draft-thayes-cert-scope-00 - * + * * CertificateScopeEntry ::= SEQUENCE { * name GeneralName, -- pattern, as for NameConstraints * portNumber INTEGER OPTIONAL * } * CertificateScopeOfUse ::= SEQUENCE OF CertificateScopeEntry - * + * * @author thomask * @version $Revision$, $Date$ */ diff --git a/base/util/src/netscape/security/extensions/CertificateScopeOfUseExtension.java b/base/util/src/netscape/security/extensions/CertificateScopeOfUseExtension.java index 16641f36b..7055ad9d1 100644 --- a/base/util/src/netscape/security/extensions/CertificateScopeOfUseExtension.java +++ b/base/util/src/netscape/security/extensions/CertificateScopeOfUseExtension.java @@ -34,13 +34,13 @@ import netscape.security.x509.OIDMap; /** * This represents the CertificateScopeOfUse extension * as defined in draft-thayes-cert-scope-00 - * + * * CertificateScopeEntry ::= SEQUENCE { * name GeneralName, -- pattern, as for NameConstraints * portNumber INTEGER OPTIONAL * } * CertificateScopeOfUse ::= SEQUENCE OF CertificateScopeEntry - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -166,7 +166,7 @@ public class CertificateScopeOfUseExtension extends Extension /** * Write the extension to the DerOutputStream. - * + * * @param out the DerOutputStream to write the extension to. * @exception IOException on encoding errors. */ diff --git a/base/util/src/netscape/security/extensions/GenericASN1Extension.java b/base/util/src/netscape/security/extensions/GenericASN1Extension.java index ff1ea7173..778f9cdf5 100644 --- a/base/util/src/netscape/security/extensions/GenericASN1Extension.java +++ b/base/util/src/netscape/security/extensions/GenericASN1Extension.java @@ -173,7 +173,7 @@ public class GenericASN1Extension extends Extension /** * Create a GenericASN1Extension with the value and oid. * The criticality is set to false. - * + * * @param the values to be set for the extension. */ public GenericASN1Extension(String name, String oid, String pattern, boolean critical, @@ -199,7 +199,7 @@ public class GenericASN1Extension extends Extension /** * Create a GenericASN1Extension with the value and oid. * The criticality is set to false. - * + * * @param the values to be set for the extension. */ public GenericASN1Extension(Hashtable config) @@ -228,7 +228,7 @@ public class GenericASN1Extension extends Extension /** * Create the extension from the passed DER encoded value of the same. - * + * * @param critical true if the extension is to be treated as critical. * @param value Array of DER encoded bytes of the actual value. * @exception IOException on error. @@ -276,7 +276,7 @@ public class GenericASN1Extension extends Extension /** * Decode the extension from the InputStream. - * + * * @param in the InputStream to unmarshal the contents from. * @exception IOException on decoding or validity errors. */ @@ -286,7 +286,7 @@ public class GenericASN1Extension extends Extension /** * Write the extension to the DerOutputStream. - * + * * @param out the DerOutputStream to write the extension to. * @exception IOException on encoding errors. */ diff --git a/base/util/src/netscape/security/extensions/InhibitAnyPolicyExtension.java b/base/util/src/netscape/security/extensions/InhibitAnyPolicyExtension.java index 81b8cf5b5..5295cf6a1 100644 --- a/base/util/src/netscape/security/extensions/InhibitAnyPolicyExtension.java +++ b/base/util/src/netscape/security/extensions/InhibitAnyPolicyExtension.java @@ -34,11 +34,11 @@ import netscape.security.x509.OIDMap; /** * RFC3280: - * + * * id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } - * + * * InhibitAnyPolicy ::= SkipCerts - * + * * SkipCerts ::= INTEGER (0..MAX) */ public class InhibitAnyPolicyExtension diff --git a/base/util/src/netscape/security/extensions/KerberosName.java b/base/util/src/netscape/security/extensions/KerberosName.java index 0a6a6e213..cf1ddc0a8 100644 --- a/base/util/src/netscape/security/extensions/KerberosName.java +++ b/base/util/src/netscape/security/extensions/KerberosName.java @@ -31,17 +31,17 @@ import netscape.security.util.ObjectIdentifier; /** * This represents a KerberosName as defined in * RFC 1510. - * + * * KerberosName ::= SEQUENCE { * realm [0] Realm, * principalName [1] CertPrincipalName -- defined above * } - * + * * CertPrincipalName ::= SEQUENCE { * name-type[0] INTEGER, * name-string[1] SEQUENCE OF UTF8String * } - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -63,7 +63,7 @@ public class KerberosName { /** * Write the extension to the DerOutputStream. - * + * * @param out the DerOutputStream to write the extension to. * @exception IOException on encoding errors. */ diff --git a/base/util/src/netscape/security/extensions/NSCertTypeExtension.java b/base/util/src/netscape/security/extensions/NSCertTypeExtension.java index 04b3038e5..9865cde0a 100644 --- a/base/util/src/netscape/security/extensions/NSCertTypeExtension.java +++ b/base/util/src/netscape/security/extensions/NSCertTypeExtension.java @@ -33,11 +33,11 @@ import netscape.security.x509.Extension; /** * NSCertTypeExtension * Represents Netscape Certificate Type Extension - * + * *

* This deprecated extension, if present, defines both the purpose (e.g., encipherment, signature, certificate signing) * and the application (e.g., SSL, S/Mime or Object Signing of the key contained in the certificate. - * + * * @author galperin * @version $Revision$, $Date$ */ @@ -142,7 +142,7 @@ public class NSCertTypeExtension extends Extension implements CertAttrSet { /** * Check if bit is set. - * + * * @param position the position in the bit string to check. */ public boolean isSet(int position) { @@ -201,7 +201,7 @@ public class NSCertTypeExtension extends Extension implements CertAttrSet { /** * Create a NSCertTypeExtension with the passed bit settings. * The criticality is set to false. - * + * * @param bitString the bits to be set for the extension. */ public NSCertTypeExtension(boolean critical, byte[] bitString) throws IOException { @@ -220,7 +220,7 @@ public class NSCertTypeExtension extends Extension implements CertAttrSet { /** * Create the extension from the passed DER encoded value of the same. - * + * * @param critical true if the extension is to be treated as critical. * @param value Array of DER encoded bytes of the actual value. * @exception IOException on error. @@ -331,7 +331,7 @@ public class NSCertTypeExtension extends Extension implements CertAttrSet { /** * Decode the extension from the InputStream. - * + * * @param in the InputStream to unmarshal the contents from. * @exception IOException on decoding or validity errors. */ @@ -341,7 +341,7 @@ public class NSCertTypeExtension extends Extension implements CertAttrSet { /** * Write the extension to the DerOutputStream. - * + * * @param out the DerOutputStream to write the extension to. * @exception IOException on encoding errors. */ diff --git a/base/util/src/netscape/security/extensions/SubjectInfoAccessExtension.java b/base/util/src/netscape/security/extensions/SubjectInfoAccessExtension.java index 5c373289f..6bd5c95b6 100644 --- a/base/util/src/netscape/security/extensions/SubjectInfoAccessExtension.java +++ b/base/util/src/netscape/security/extensions/SubjectInfoAccessExtension.java @@ -41,7 +41,7 @@ import netscape.security.x509.URIName; /** * This represents the subject information access extension * as defined in RFC3280. - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -65,7 +65,7 @@ public class SubjectInfoAccessExtension extends Extension implements CertAttrSet /** * Create the extension from the passed DER encoded value of the same. - * + * * @param critical true if the extension is to be treated as critical. * @param value Array of DER encoded bytes of the actual value. * @exception IOException on error. @@ -183,7 +183,7 @@ public class SubjectInfoAccessExtension extends Extension implements CertAttrSet /** * Write the extension to the DerOutputStream. - * + * * @param out the DerOutputStream to write the extension to. * @exception IOException on encoding errors. */ diff --git a/base/util/src/netscape/security/pkcs/ContentInfo.java b/base/util/src/netscape/security/pkcs/ContentInfo.java index 9825494c2..d6a4db7c6 100644 --- a/base/util/src/netscape/security/pkcs/ContentInfo.java +++ b/base/util/src/netscape/security/pkcs/ContentInfo.java @@ -26,7 +26,7 @@ import netscape.security.util.ObjectIdentifier; /** * A ContentInfo type, as defined in PKCS#7. - * + * * @version 1.12 * @author Benjamin Renaud */ diff --git a/base/util/src/netscape/security/pkcs/PKCS10.java b/base/util/src/netscape/security/pkcs/PKCS10.java index a6ddd203f..2d1c8eadb 100644 --- a/base/util/src/netscape/security/pkcs/PKCS10.java +++ b/base/util/src/netscape/security/pkcs/PKCS10.java @@ -43,28 +43,28 @@ import netscape.security.x509.X509Key; * the entity which created the certificate request. These cert requests * basically consist of the subject's X.500 name and public key, signed * using the corresponding private key. - * + * * The ASN.1 syntax for a Certification Request is: - * + * * 

  * CertificationRequest ::= SEQUENCE {
  *    certificationRequestInfo CertificationRequestInfo,
  *    signatureAlgorithm       SignatureAlgorithmIdentifier,
  *    signature                Signature
  *  }
- * 
+ *
  * SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
  * Signature ::= BIT STRING
- * 
+ *
  * CertificationRequestInfo ::= SEQUENCE {
  *    version                 Version,
  *    subject                 Name,
  *    subjectPublicKeyInfo    SubjectPublicKeyInfo,
  *    attributes [0] IMPLICIT Attributes
- * }    
+ * }
  * Attributes ::= SET OF Attribute
  *
- * + * * @author David Brownell * @author Amit Kapoor * @author Hemma Prafullchandra @@ -75,7 +75,7 @@ public class PKCS10 { * Constructs an unsigned PKCS #10 certificate request. Before this * request may be used, it must be encoded and signed. Then it * must be retrieved in some conventional format (e.g. string). - * + * * @param publicKey the public key that should be placed * into the certificate generated by the CA. */ @@ -88,7 +88,7 @@ public class PKCS10 { * Constructs an unsigned PKCS #10 certificate request. Before this * request may be used, it must be encoded and signed. Then it * must be retrieved in some conventional format (e.g. string). - * + * * @param publicKey the public key that should be placed * into the certificate generated by the CA. * @param attributes additonal set of PKCS10 attributes requested @@ -107,7 +107,7 @@ public class PKCS10 { * the request's signature as it does so. This constructor would * typically be used by a Certificate Authority, from which a new * certificate would then be constructed. - * + * * @param data the DER-encoded PKCS #10 request. * @param sigver boolean specifies signature verification enabled or not * @exception IOException for low level errors reading the data @@ -207,7 +207,7 @@ public class PKCS10 { /** * Create the signed certificate request. This will later be * retrieved in either string or binary format. - * + * * @param requester identifies the signer (by X.500 name) * and provides the private key used to sign. * @exception IOException on errors. @@ -284,7 +284,7 @@ public class PKCS10 { /** * Returns the encoded and signed certificate request as a * DER-encoded byte array. - * + * * @return the certificate request, or null if encodeAndSign() * has not yet been called. */ @@ -299,7 +299,7 @@ public class PKCS10 { * used this for some time. Some certificate authorities expect some * more information, in particular contact information for the web * server administrator. - * + * * @param out the print stream where the certificate request * will be printed. * @exception IOException when an output operation failed diff --git a/base/util/src/netscape/security/pkcs/PKCS10Attribute.java b/base/util/src/netscape/security/pkcs/PKCS10Attribute.java index a649c395a..eae4b0479 100644 --- a/base/util/src/netscape/security/pkcs/PKCS10Attribute.java +++ b/base/util/src/netscape/security/pkcs/PKCS10Attribute.java @@ -37,17 +37,17 @@ import netscape.security.x509.OIDMap; /** * Represent a PKCS Attribute. - * + * *

* Attributes are addiitonal attributes which can be inserted in a PKCS certificate request. For example a * "Driving License Certificate" could have the driving license number as a attribute. - * + * *

* Attributes are represented as a sequence of the attribute identifier (Object Identifier) and a set of DER encoded * attribute values. The current implementation only supports one value per attribute. - * + * * ASN.1 definition of Attribute: - * + * * 

  * Attribute :: SEQUENCE {
  *    type    AttributeValue,
@@ -55,7 +55,7 @@ import netscape.security.x509.OIDMap;
  * }
  * AttributeValue ::= ANY
  *
- * + * * @author Amit Kapoor * @author Hemma Prafullchandra * @version 1.13 @@ -127,8 +127,8 @@ public class PKCS10Attribute implements DerEncoder, Serializable { Object[] passed = new Object[] { value }; attributeValue = cons.newInstance(passed); } else { - // attribute classes are usable for PKCS10 attributes. - // this is used where the attributes are not actual + // attribute classes are usable for PKCS10 attributes. + // this is used where the attributes are not actual // implemented extensions. attributeValue = new ACertAttrSet(inAttrValue); } @@ -142,7 +142,7 @@ public class PKCS10Attribute implements DerEncoder, Serializable { /** * Constructs an attribute from individual components of ObjectIdentifier * and the DER encoded value. - * + * * @param attributeId the ObjectIdentifier of the attribute. * @param attributeValue the CertAttrSet. */ @@ -155,7 +155,7 @@ public class PKCS10Attribute implements DerEncoder, Serializable { /** * Constructs an attribute from another attribute. To be used for * creating decoded subclasses. - * + * * @param attr the attribute to create from. */ public PKCS10Attribute(PKCS10Attribute attr) { @@ -165,7 +165,7 @@ public class PKCS10Attribute implements DerEncoder, Serializable { /** * Write the output to the DerOutputStream. - * + * * @param out the OutputStream to write the attribute to. * @exception CertificateException on certificate encoding errors. * @exception IOException on encoding errors. @@ -196,10 +196,10 @@ public class PKCS10Attribute implements DerEncoder, Serializable { /** * DER encode this object onto an output stream. * Implements the DerEncoder interface. - * + * * @param out * the OutputStream on which to write the DER encoding. - * + * * @exception IOException on encoding errors. */ public void derEncode(OutputStream out) throws IOException { diff --git a/base/util/src/netscape/security/pkcs/PKCS10Attributes.java b/base/util/src/netscape/security/pkcs/PKCS10Attributes.java index 8beb1e64c..d9b463b5f 100644 --- a/base/util/src/netscape/security/pkcs/PKCS10Attributes.java +++ b/base/util/src/netscape/security/pkcs/PKCS10Attributes.java @@ -30,7 +30,7 @@ import netscape.security.util.DerValue; /** * This class defines the PKCS10 attributes for the request. - * + * * @author Amit Kapoor * @author Hemma Prafullchandra * @version 1.10 @@ -52,7 +52,7 @@ public class PKCS10Attributes extends Vector implements DerEnco /** * Create the object, decoding the values from the passed DER stream. - * + * * @param in the DerInputStream to read the attributes from. * @exception IOException on decoding errors. */ @@ -73,9 +73,9 @@ public class PKCS10Attributes extends Vector implements DerEnco /** * Encode the attributes in DER form to the stream. - * + * * @param out the OutputStream to marshal the contents to. - * + * * @exception IOException on encoding errors. */ public void encode(OutputStream out) @@ -86,7 +86,7 @@ public class PKCS10Attributes extends Vector implements DerEnco /** * Encode the attributes in DER form to the stream. * Implements the DerEncoder interface. - * + * * @param out the OutputStream to marshal the contents to. * @exception IOException on encoding errors. */ diff --git a/base/util/src/netscape/security/pkcs/PKCS7.java b/base/util/src/netscape/security/pkcs/PKCS7.java index c8fb69582..26a0bdb34 100644 --- a/base/util/src/netscape/security/pkcs/PKCS7.java +++ b/base/util/src/netscape/security/pkcs/PKCS7.java @@ -43,7 +43,7 @@ import netscape.security.x509.X509CertImpl; * type, where to the type of data signed is plain Data. * For signedData, crls, attributes and * PKCS#6 Extended Certificates are not supported. - * + * * @version 1.33 97/12/10 * @author Benjamin Renaud */ @@ -61,7 +61,7 @@ public class PKCS7 { /** * Unmarshals a PKCS7 block from its encoded form, parsing the * encoded bytes from the InputStream. - * + * * @param in an input stream holding at least one PKCS7 block. * @exception ParsingException on parsing errors. * @exception IOException on other errors. @@ -93,7 +93,7 @@ public class PKCS7 { /** * Unmarshals a PKCS7 block from its encoded form, parsing the * encoded bytes from the DerInputStream. - * + * * @param derin a DerInputStream holding at least one PKCS7 block. * @exception ParsingException on parsing errors. */ @@ -104,7 +104,7 @@ public class PKCS7 { /** * Unmarshals a PKCS7 block from its encoded form, parsing the * encoded bytes. - * + * * @param bytes the encoded bytes. * @exception ParsingException on parsing errors. */ @@ -133,7 +133,7 @@ public class PKCS7 { /** * Construct an initialized PKCS7 block. - * + * * @param digestAlgorithmIds the message digest algorithm identifiers. * @param contentInfo the content information. * @param certificates an array of X.509 certificates. @@ -224,7 +224,7 @@ public class PKCS7 { /** * Encodes the signed data to an output stream. - * + * * @param out the output stream to write the encoded data to. * @exception IOException on encoding errors. */ @@ -254,7 +254,7 @@ public class PKCS7 { /** * Encodes the signed data to a DerOutputStream. - * + * * @param out the DerOutputStream to write the encoded data to. * @exception IOException on encoding errors. */ @@ -313,10 +313,10 @@ public class PKCS7 { /** * This verifies a given SignerInfo. - * + * * @param info the signer information. * @param bytes the DER encoded content information. - * + * * @exception NoSuchAlgorithmException on unrecognized algorithms. * @exception SignatureException on signature handling errors. */ @@ -327,9 +327,9 @@ public class PKCS7 { /** * Returns all signerInfos which self-verify. - * + * * @param bytes the DER encoded content information. - * + * * @exception NoSuchAlgorithmException on unrecognized algorithms. * @exception SignatureException on signature handling errors. */ @@ -355,7 +355,7 @@ public class PKCS7 { /** * Returns all signerInfos which self-verify. - * + * * @exception NoSuchAlgorithmException on unrecognized algorithms. * @exception SignatureException on signature handling errors. */ @@ -403,7 +403,7 @@ public class PKCS7 { * Returns the X.509 certificate listed in this PKCS7 block * which has a matching serial number and Issuer name, or * null if one is not found. - * + * * @param serial the serial number of the certificate to retrieve. * @param name the Distinguished Name of the Issuer. */ diff --git a/base/util/src/netscape/security/pkcs/PKCS8Key.java b/base/util/src/netscape/security/pkcs/PKCS8Key.java index 7c5f64582..db1d6b275 100644 --- a/base/util/src/netscape/security/pkcs/PKCS8Key.java +++ b/base/util/src/netscape/security/pkcs/PKCS8Key.java @@ -39,7 +39,7 @@ import netscape.security.x509.AlgorithmId; /** * Holds a PKCS#8 key, for example a private key - * + * * @version 1.30, 97/12/10 * @author Dave Brownell * @author Benjamin Renaud @@ -74,12 +74,12 @@ public class PKCS8Key implements PrivateKey { * the runtime environment is configured with a specific class for * this kind of key, a subclass is returned. Otherwise, a generic * PKCS8Key object is returned. - * + * *

* This mechanism gurantees that keys (and algorithms) may be freely manipulated and transferred, without risk of * losing information. Also, when a key (or algorithm) needs some special handling, that specific need can be * accomodated. - * + * * @param in the DER-encoded SubjectPublicKeyInfo value * @exception IOException on data format errors */ @@ -117,11 +117,11 @@ public class PKCS8Key implements PrivateKey { * keys encapsulate two unsigned integers (modulus and exponent) as * DER values within the key bits; Diffie-Hellman and * DSS/DSA keys encapsulate a single unsigned integer. - * + * *

* This function is called when creating PKCS#8 SubjectPublicKeyInfo values using the PKCS8Key member functions, * such as parse and decode. - * + * * @exception IOException if a parsing error occurs. * @exception InvalidKeyException if the key encoding is invalid. */ @@ -248,7 +248,7 @@ public class PKCS8Key implements PrivateKey { /** * Returns the DER-encoded form of the key as a byte array. - * + * * @exception InvalidKeyException if an encoding error occurs. */ public byte[] encode() throws InvalidKeyException { @@ -286,14 +286,14 @@ public class PKCS8Key implements PrivateKey { * PKCS#8 format: a sequence consisting of a version, an algorithm * ID and a bit string which holds the key. (That bit string is * often used to encapsulate another DER encoded sequence.) - * + * *

* Subclasses should not normally redefine this method; they should instead provide a parseKeyBits * method to parse any fields inside the key member. - * + * * @param in an input stream with a DER-encoded PKCS#8 * SubjectPublicKeyInfo value - * + * * @exception InvalidKeyException if a parsing error occurs. */ public void decode(InputStream in) throws InvalidKeyException { @@ -381,7 +381,7 @@ public class PKCS8Key implements PrivateKey { * to compare is not of type Key. * Otherwise, the encoding of this key object is compared with the * encoding of the given key object. - * + * * @param object the object with which to compare * @return true if this key has the same encoding as the * object argument; false otherwise. diff --git a/base/util/src/netscape/security/pkcs/PKCS9Attribute.java b/base/util/src/netscape/security/pkcs/PKCS9Attribute.java index 6a6fd7dc9..1239ccaf3 100644 --- a/base/util/src/netscape/security/pkcs/PKCS9Attribute.java +++ b/base/util/src/netscape/security/pkcs/PKCS9Attribute.java @@ -34,7 +34,7 @@ import netscape.security.x509.CertificateExtensions; * Class supporting any PKCS9 attribute except * ExtendedCertificateAttribute. Supports DER decoding and access to * attribute values, but not DER encoding or setting of values. - * + * * @version 1.2 97/12/10 * @author Douglas Hoover */ @@ -51,7 +51,7 @@ public class PKCS9Attribute implements DerEncoder { * Array of attribute OIDs defined in PKCS9, by number. */ static final ObjectIdentifier[] PKCS9_OIDS = - //new ObjectIdentifier[10]; + //new ObjectIdentifier[10]; // There are some Obsolete(?) attribute identifiers. // This is mainly for extensionRequest (14) in pkcs10. // We just add the other 4 as by products. @@ -174,118 +174,118 @@ public class PKCS9Attribute implements DerEncoder { /** * Class types required for values for a given PKCS9 * attribute type. - * + * *

* The following table shows the correspondence between attribute types and value component classes. - * + * *

* - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * *
OIDAttribute Type NameKindValue Class
1.2.840.113549.1.9.1EmailAddressMultiple-valuedString[]
1.2.840.113549.1.9.2UnstructuredNameMultiple-valuedString
1.2.840.113549.1.9.3ContentTypeSingle-valuedObjectIdentifier
1.2.840.113549.1.9.4MessageDigestSingle-valuedbyte[]
1.2.840.113549.1.9.5SigningTimeSingle-valuedDate
1.2.840.113549.1.9.6CountersignatureMultiple-valuedSignerInfo
1.2.840.113549.1.9.7ChallengePasswordSingle-valuedString
1.2.840.113549.1.9.8UnstructuredAddressSingle-valuedString
1.2.840.113549.1.9.9ExtendedCertificateAttributesMultiple-valued(not supported)
1.2.840.113549.1.9.10IssuerAndSerialNumberSingle-valued(not supported)
1.2.840.113549.1.9.11PasswordCheckSingle-valued(not supported)
1.2.840.113549.1.9.12PublicKeySingle-valued(not supported)
1.2.840.113549.1.9.13SigningDescriptionSingle-valued(not supported)
1.2.840.113549.1.9.14ExtensionRequestSingle-valuedSequence
*/ private static final Class[] VALUE_CLASSES = new Class[15]; @@ -348,118 +348,118 @@ public class PKCS9Attribute implements DerEncoder { * value. If the attribute is * multiple-valued, provide an array containing all the values. * Arrays of length zero are accepted, though probably useless. - * + * *

* The following table gives the class that value must have for a given attribute. - * + * *

* - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * *
OIDAttribute Type NameKindValue Class
1.2.840.113549.1.9.1EmailAddressMultiple-valuedString[]
1.2.840.113549.1.9.2UnstructuredNameMultiple-valuedString[]
1.2.840.113549.1.9.3ContentTypeSingle-valuedObjectIdentifier
1.2.840.113549.1.9.4MessageDigestSingle-valuedbyte[]
1.2.840.113549.1.9.5SigningTimeSingle-valuedDate
1.2.840.113549.1.9.6CountersignatureMultiple-valuedSignerInfo[]
1.2.840.113549.1.9.7ChallengePasswordSingle-valuedString
1.2.840.113549.1.9.8UnstructuredAddressSingle-valuedString[]
1.2.840.113549.1.9.9ExtendedCertificateAttributesMultiple-valued(not supported)
1.2.840.113549.1.9.10IssuerAndSerialNumberSingle-valued(not supported)
1.2.840.113549.1.9.11PasswordCheckSingle-valued(not supported)
1.2.840.113549.1.9.12PublicKeySingle-valued(not supported)
1.2.840.113549.1.9.13SigningDescriptionSingle-valued(not supported)
1.2.840.113549.1.9.14ExtensionRequestSingle-valuedSequence
*/ public PKCS9Attribute(ObjectIdentifier oid, Object value) @@ -474,121 +474,121 @@ public class PKCS9Attribute implements DerEncoder { * value. If the attribute is * multiple-valued, provide an array containing all the values. * Arrays of length zero are accepted, though probably useless. - * + * *

* The following table gives the class that value must have for a given attribute. Reasonable variants * of these attributes are accepted; in particular, case does not matter. - * + * *

* - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * *
OIDAttribute Type NameKindValue Class
1.2.840.113549.1.9.1EmailAddressMultiple-valuedString[]
1.2.840.113549.1.9.2UnstructuredNameMultiple-valuedString[]
1.2.840.113549.1.9.3ContentTypeSingle-valuedObjectIdentifier
1.2.840.113549.1.9.4MessageDigestSingle-valuedbyte[]
1.2.840.113549.1.9.5SigningTimeSingle-valuedDate
1.2.840.113549.1.9.6CountersignatureMultiple-valuedSignerInfo[]
1.2.840.113549.1.9.7ChallengePasswordSingle-valuedString
1.2.840.113549.1.9.8UnstructuredAddressSingle-valuedString[]
1.2.840.113549.1.9.9ExtendedCertificateAttributesMultiple-valued(not supported)
1.2.840.113549.1.9.10IssuerAndSerialNumberSingle-valued(not supported)
1.2.840.113549.1.9.11PasswordCheckSingle-valued(not supported)
1.2.840.113549.1.9.12PublicKeySingle-valued(not supported)
1.2.840.113549.1.9.13SigningDescriptionSingle-valued(not supported)
1.2.840.113549.1.9.14ExtensionRequestSingle-valuedSequence
- * + * * @exception IllegalArgumentException * if the name is not recognized of the value has the wrong type. */ @@ -628,7 +628,7 @@ public class PKCS9Attribute implements DerEncoder { /** * Construct a PKCS9Attribute from its encoding on an input * stream. - * + * * @exception IOException on parsing error. */ public PKCS9Attribute(DerValue derVal) throws IOException { @@ -638,7 +638,7 @@ public class PKCS9Attribute implements DerEncoder { /** * Decode a PKCS9 attribute. - * + * * @param val * the DerValue representing the DER encoding of the attribute. */ @@ -752,7 +752,7 @@ public class PKCS9Attribute implements DerEncoder { /** * Write the DER encoding of this attribute to an output stream. - * + * *

* N.B.: This method always encodes values of ChallengePassword and UnstructuredAddress attributes as ASN.1 * PrintableStrings, without checking whether they should be encoded as T61Strings. @@ -876,120 +876,120 @@ public class PKCS9Attribute implements DerEncoder { * single-valued, return just the one value. If the attribute is * multiple-valued, return an array containing all the values. * It is possible for this array to be of length 0. - * + * *

* The following table gives the class of the value returned, depending on the type of this attribute. - * + * *

* - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * * * * * * * - * + * *
OIDAttribute Type NameKindValue Class
1.2.840.113549.1.9.1EmailAddressMultiple-valuedString[]
1.2.840.113549.1.9.2UnstructuredNameMultiple-valuedString[]
1.2.840.113549.1.9.3ContentTypeSingle-valuedObjectIdentifier
1.2.840.113549.1.9.4MessageDigestSingle-valuedbyte[]
1.2.840.113549.1.9.5SigningTimeSingle-valuedDate
1.2.840.113549.1.9.6CountersignatureMultiple-valuedSignerInfo[]
1.2.840.113549.1.9.7ChallengePasswordSingle-valuedString
1.2.840.113549.1.9.8UnstructuredAddressSingle-valuedString[]
1.2.840.113549.1.9.9ExtendedCertificateAttributesMultiple-valued(not supported)
1.2.840.113549.1.9.10IssuerAndSerialNumberSingle-valued(not supported)
1.2.840.113549.1.9.11PasswordCheckSingle-valued(not supported)
1.2.840.113549.1.9.12PublicKeySingle-valued(not supported)
1.2.840.113549.1.9.13SigningDescriptionSingle-valued(not supported)
1.2.840.113549.1.9.14ExtensionRequestSingle-valuedSequence
- * + * */ public Object getValue() { return value; @@ -1073,7 +1073,7 @@ public class PKCS9Attribute implements DerEncoder { /** * Beginning the search at start, find the first * index i such that a[i] = obj. - * + * * @return the index, if found, and -1 otherwise. */ static int indexOf(Object obj, Object[] a, int start) { diff --git a/base/util/src/netscape/security/pkcs/PKCS9Attributes.java b/base/util/src/netscape/security/pkcs/PKCS9Attributes.java index 485cdded1..39bf2340e 100644 --- a/base/util/src/netscape/security/pkcs/PKCS9Attributes.java +++ b/base/util/src/netscape/security/pkcs/PKCS9Attributes.java @@ -29,7 +29,7 @@ import netscape.security.util.ObjectIdentifier; /** * A set of attributes of class PKCS9Attribute. - * + * * @version 1.2 97/12/10 * @author Douglas Hoover */ @@ -57,16 +57,16 @@ public class PKCS9Attributes { * with OIDs on the given * list. If the array is null, accept all attributes supported by * class PKCS9Attribute. - * + * * @param permittedAttributes * Array of attribute OIDs that will be accepted. * @param buf * the contents of the DER encoding of the attribute set. - * + * * @exception IOException * on i/o error, encoding syntax error, unacceptable or * unsupported attribute, or duplicate attribute. - * + * * @see PKCS9Attribute */ public PKCS9Attributes(ObjectIdentifier[] permittedAttributes, @@ -90,11 +90,11 @@ public class PKCS9Attributes { * Construct a set of PKCS9 Attributes from its contents of its * DER encoding on a DerInputStream. Accept all attributes * supported by class PKCS9Attribute. - * + * * @exception IOException * on i/o error, encoding syntax error, or unsupported or * duplicate attribute. - * + * * @see PKCS9Attribute */ public PKCS9Attributes(DerInputStream in) throws IOException { @@ -109,11 +109,11 @@ public class PKCS9Attributes { * PCK9 attributes. * DER encoding on a DerInputStream. All attributes in attribs must be * supported by class PKCS9Attribute. - * + * * @exception IOException * on i/o error, encoding syntax error, or unsupported or * duplicate attribute. - * + * * @see PKCS9Attribute */ public PKCS9Attributes(PKCS9Attribute[] attribs) @@ -136,10 +136,10 @@ public class PKCS9Attributes { /** * Decode this set of PKCS9 attribute set from the contents of its * DER encoding. - * + * * @param buf * the contents of the DER encoding of the attribute set. - * + * * @exception IOException * on i/o error, encoding syntax error, unacceptable or * unsupported attribute, or duplicate attribute. @@ -179,10 +179,10 @@ public class PKCS9Attributes { /** * Put the DER encoding of this PKCS9 attribute set on an * DerOutputStream, tagged with the given implicit tag. - * + * * @param tag the implicit tag to use in the DER encoding. * @param out the output stream on which to put the DER encoding. - * + * * @exception IOException on output error. */ public void encode(byte tag, OutputStream out) throws IOException { @@ -282,7 +282,7 @@ public class PKCS9Attributes { if (value == null) continue; - // we have a value; print it + // we have a value; print it if (first) first = false; else diff --git a/base/util/src/netscape/security/pkcs/SignerInfo.java b/base/util/src/netscape/security/pkcs/SignerInfo.java index adb0115cc..794033c87 100644 --- a/base/util/src/netscape/security/pkcs/SignerInfo.java +++ b/base/util/src/netscape/security/pkcs/SignerInfo.java @@ -38,7 +38,7 @@ import netscape.security.x509.X500Name; /** * A SignerInfo, as defined in PKCS#7's signedData type. - * + * * @author Benjamin Renaud * @version 1.27 97/12/10 */ @@ -110,7 +110,7 @@ public class SignerInfo implements DerEncoder { authenticatedAttributes = new PKCS9Attributes(derin); } - // digestEncryptionAlgorithmId - little RSA naming scheme - + // digestEncryptionAlgorithmId - little RSA naming scheme - // signature == encryption... tmp = derin.getDerValue(); @@ -141,10 +141,10 @@ public class SignerInfo implements DerEncoder { /** * DER encode this object onto an output stream. * Implements the DerEncoder interface. - * + * * @param out * the output stream on which to write the DER encoding. - * + * * @exception IOException on encoding error. */ public void derEncode(OutputStream out) throws IOException { @@ -229,11 +229,11 @@ public class SignerInfo implements DerEncoder { return null; } - // message digest attribute matched + // message digest attribute matched // digest of original data - // the data actually signed is the DER encoding of - // the authenticated attributes (tagged with + // the data actually signed is the DER encoding of + // the authenticated attributes (tagged with // the "SET OF" tag, not 0xA0). dataSigned = authenticatedAttributes.getDerEncoding(); } diff --git a/base/util/src/netscape/security/provider/DSA.java b/base/util/src/netscape/security/provider/DSA.java index 262095576..c9dc6c546 100644 --- a/base/util/src/netscape/security/provider/DSA.java +++ b/base/util/src/netscape/security/provider/DSA.java @@ -40,11 +40,11 @@ import netscape.security.util.DerValue; * The Digital Signature Standard (using the Digital Signature * Algorithm), as described in fips186 of the National Instute of * Standards and Technology (NIST), using fips180-1 (SHA-1). - * + * * @author Benjamin Renaud - * + * * @version 1.86, 97/09/17 - * + * * @see DSAPublicKey * @see DSAPrivateKey */ @@ -95,9 +95,9 @@ public final class DSA extends Signature { /** * Initialize the DSA object with a DSA private key. - * + * * @param privateKey the DSA private key - * + * * @exception InvalidKeyException if the key is not a valid DSA private * key. */ @@ -116,9 +116,9 @@ public final class DSA extends Signature { /** * Initialize the DSA object with a DSA public key. - * + * * @param publicKey the DSA public key. - * + * * @exception InvalidKeyException if the key is not a valid DSA public * key. */ @@ -143,13 +143,13 @@ public final class DSA extends Signature { * Sign all the data thus far updated. The signature is formatted * according to the Canonical Encoding Rules, returned as a DER * sequence of Integer, r and s. - * + * * @return a signature block formatted according to the Canonical * Encoding Rules. - * + * * @exception SignatureException if the signature object was not * properly initialized, or if another exception occurs. - * + * * @see netscape.security.provider.DSA#engineUpdate * @see netscape.security.provider.DSA#engineVerify */ @@ -178,13 +178,13 @@ public final class DSA extends Signature { /** * Verify all the data thus far updated. - * + * * @param signature the alledged signature, encoded using the * Canonical Encoding Rules, as a sequence of integers, r and s. - * + * * @exception SignatureException if the signature object was not * properly initialized, or if another exception occurs. - * + * * @see netscape.security.provider.DSA#engineUpdate * @see netscape.security.provider.DSA#engineSign */ @@ -327,11 +327,11 @@ public final class DSA extends Signature { /** * Compute k for a DSA signature. - * + * * @param seed the seed for generating k. This seed should be * secure. This is what is refered to as the KSEED in the DSA * specification. - * + * * @param g the g parameter from the DSA key pair. */ BigInteger generateK(int[] seed, BigInteger q) { @@ -427,13 +427,13 @@ public final class DSA extends Signature { /** * This implementation recognizes the following parameter: *

- * + * *
Kseed - * + * *
a byte array. - * + * *
- * + * * @deprecated */ protected void engineSetParameter(String key, Object param) { @@ -458,17 +458,17 @@ public final class DSA extends Signature { /** * Return the value of the requested parameter. Recognized * parameters are: - * + * *
- * + * *
Kseed - * + * *
a byte array. - * + * *
- * + * * @return the value of the requested parameter. - * + * * @deprecated */ protected Object engineGetParameter(String key) { @@ -491,7 +491,7 @@ public final class DSA extends Signature { /** * Update a byte to be signed or verified. - * + * * @param b the byte to updated. */ protected void engineUpdate(byte b) { @@ -500,7 +500,7 @@ public final class DSA extends Signature { /** * Update an array of bytes to be signed or verified. - * + * * @param data the bytes to be updated. */ protected void engineUpdate(byte[] data, int off, int len) { diff --git a/base/util/src/netscape/security/provider/DSAKeyFactory.java b/base/util/src/netscape/security/provider/DSAKeyFactory.java index 41f0081f2..ada152921 100755 --- a/base/util/src/netscape/security/provider/DSAKeyFactory.java +++ b/base/util/src/netscape/security/provider/DSAKeyFactory.java @@ -32,11 +32,11 @@ import java.security.spec.X509EncodedKeySpec; /** * This class implements the DSA key factory of the Sun provider. - * + * * @author Jan Luehe - * + * * @version 1.8, 97/12/10 - * + * * @since JDK1.2 */ @@ -45,11 +45,11 @@ public class DSAKeyFactory extends KeyFactorySpi { /** * Generates a public key object from the provided key specification * (key material). - * + * * @param keySpec the specification (key material) of the public key - * + * * @return the public key - * + * * @exception InvalidKeySpecException if the given key specification * is inappropriate for this key factory to produce a public key. */ @@ -77,11 +77,11 @@ public class DSAKeyFactory extends KeyFactorySpi { /** * Generates a private key object from the provided key specification * (key material). - * + * * @param keySpec the specification (key material) of the private key - * + * * @return the private key - * + * * @exception InvalidKeySpecException if the given key specification * is inappropriate for this key factory to produce a private key. */ @@ -109,15 +109,15 @@ public class DSAKeyFactory extends KeyFactorySpi { /** * Returns a specification (key material) of the given key object * in the requested format. - * + * * @param key the key - * + * * @param keySpec the requested format in which the key material shall be * returned - * + * * @return the underlying key specification (key material) in the * requested format - * + * * @exception InvalidKeySpecException if the requested key specification is * inappropriate for the given key, or the given key cannot be processed * (e.g., the given key has an unrecognized algorithm or format). @@ -188,11 +188,11 @@ public class DSAKeyFactory extends KeyFactorySpi { /** * Translates a key object, whose provider may be unknown or potentially * untrusted, into a corresponding key object of this key factory. - * + * * @param key the key whose provider is unknown or untrusted - * + * * @return the translated key - * + * * @exception InvalidKeyException if the given key cannot be processed by * this key factory. */ diff --git a/base/util/src/netscape/security/provider/DSAKeyPairGenerator.java b/base/util/src/netscape/security/provider/DSAKeyPairGenerator.java index 3e04792bf..c0fc274a9 100644 --- a/base/util/src/netscape/security/provider/DSAKeyPairGenerator.java +++ b/base/util/src/netscape/security/provider/DSAKeyPairGenerator.java @@ -40,9 +40,9 @@ import netscape.security.x509.AlgIdDSA; * This class generates DSA key parameters and public/private key * pairs according to the DSS standard NIST FIPS 186. It uses the * updated version of SHA, SHA-1 as described in FIPS 180-1. - * + * * @author Benjamin Renaud - * + * * @version 1.23, 97/12/10 */ @@ -60,7 +60,7 @@ public class DSAKeyPairGenerator extends KeyPairGenerator from the DSA specification, FIPS 186, and the FIPS 186 Change No 1, which updates the test vector using SHA-1 instead of SHA (for both the G function and the message - hash. + hash. */ precomputedParams = new Hashtable(); @@ -206,7 +206,7 @@ public class DSAKeyPairGenerator extends KeyPairGenerator /** * Initializes the DSA object using a DSA parameter object. - * + * * @param params a fully initialized DSA parameter object. */ public void initialize(DSAParams params, SecureRandom random) @@ -217,11 +217,11 @@ public class DSAKeyPairGenerator extends KeyPairGenerator /** * Initializes the DSA object using a parameter object. - * + * * @param params the parameter set to be used to generate * the keys. * @param random the source of randomness for this generator. - * + * * @exception InvalidAlgorithmParameterException if the given parameters * are inappropriate for this key pair generator */ @@ -238,11 +238,11 @@ public class DSAKeyPairGenerator extends KeyPairGenerator /** * Generates a pair of keys usable by any JavaSecurity compliant * DSA implementation. - * + * * @param rnd the source of random bits from which the random key * generation parameters are drawn. In particular, this includes * the XSEED parameter. - * + * * @exception InvalidParameterException if the modulus is not * between 512 and 1024. */ @@ -339,13 +339,13 @@ public class DSAKeyPairGenerator extends KeyPairGenerator * Given a seed, generate the private key component of the key * pair. In the terminology used in the DSA specification * (FIPS-186) seed is the XSEED quantity. - * + * * @param seed the seed to use to generate the private key. */ BigInteger generateX(int[] seed, BigInteger q) { - /* Test vector - int[] tseed = { 0xbd029bbe, 0x7f51960b, 0xcf9edb2b, + /* Test vector + int[] tseed = { 0xbd029bbe, 0x7f51960b, 0xcf9edb2b, 0x61f06f0f, 0xeb5a38b6 }; seed = tseed; */ @@ -368,9 +368,9 @@ public class DSAKeyPairGenerator extends KeyPairGenerator /** * Generate the public key component y of the key pair. - * + * * @param x the private key component. - * + * * @param p the base parameter. */ BigInteger generateY(BigInteger x, BigInteger p, BigInteger g) { diff --git a/base/util/src/netscape/security/provider/DSAParameterGenerator.java b/base/util/src/netscape/security/provider/DSAParameterGenerator.java index cd7b8de33..3a316cac5 100755 --- a/base/util/src/netscape/security/provider/DSAParameterGenerator.java +++ b/base/util/src/netscape/security/provider/DSAParameterGenerator.java @@ -68,7 +68,7 @@ public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi { /** * Initializes this parameter generator for a certain strength * and source of randomness. - * + * * @param strength the strength (size of prime) in bits * @param random the source of randomness */ @@ -91,10 +91,10 @@ public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi { /** * Initializes this parameter generator with a set of * algorithm-specific parameter generation values. - * + * * @param params the set of algorithm-specific parameter generation values * @param random the source of randomness - * + * * @exception InvalidAlgorithmParameterException if the given parameter * generation values are inappropriate for this parameter generator */ @@ -106,7 +106,7 @@ public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi { /** * Generates the parameters. - * + * * @return the new AlgorithmParameters object */ protected AlgorithmParameters engineGenerateParameters() { @@ -148,7 +148,7 @@ public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi { * * @param random the source of randomness to generate the * seed - * @param L the size of p, in bits. + * @param L the size of p, in bits. * * @return an array of BigInteger, with p at index 0 and * q at index 1. @@ -178,7 +178,7 @@ public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi { * * @return an array of BigInteger, with p at index 0, * q at index 1, the seed at index 2, and the counter value - * at index 3, or null if the seed does not yield suitable numbers. + * at index 3, or null if the seed does not yield suitable numbers. */ BigInteger[] generatePandQ(byte[] seed, int L) { diff --git a/base/util/src/netscape/security/provider/DSAParameters.java b/base/util/src/netscape/security/provider/DSAParameters.java index e2a5dd128..d22ab10fc 100755 --- a/base/util/src/netscape/security/provider/DSAParameters.java +++ b/base/util/src/netscape/security/provider/DSAParameters.java @@ -32,11 +32,11 @@ import netscape.security.util.DerValue; * This class implements the parameter set used by the * Digital Signature Algorithm as specified in the FIPS 186 * standard. - * + * * @author Jan Luehe - * + * * @version 1.8, 97/12/10 - * + * * @since JDK1.2 */ diff --git a/base/util/src/netscape/security/provider/DSAPrivateKey.java b/base/util/src/netscape/security/provider/DSAPrivateKey.java index 0cfc5e5ea..d18206c1e 100644 --- a/base/util/src/netscape/security/provider/DSAPrivateKey.java +++ b/base/util/src/netscape/security/provider/DSAPrivateKey.java @@ -33,11 +33,11 @@ import netscape.security.x509.AlgIdDSA; /** * A PKCS#8 private key for the Digital Signature Algorithm. - * + * * @author Benjamin Renaud - * + * * @version 1.47, 97/12/10 - * + * * @see DSAPublicKey * @see AlgIdDSA * @see DSA @@ -110,7 +110,7 @@ public final class DSAPrivateKey extends PKCS8Key /** * Get the raw private key, x, without the parameters. - * + * */ public BigInteger getX() { return x; diff --git a/base/util/src/netscape/security/provider/DSAPublicKey.java b/base/util/src/netscape/security/provider/DSAPublicKey.java index 89262809b..699a28261 100644 --- a/base/util/src/netscape/security/provider/DSAPublicKey.java +++ b/base/util/src/netscape/security/provider/DSAPublicKey.java @@ -34,11 +34,11 @@ import netscape.security.x509.X509Key; /** * An X.509 public key for the Digital Signature Algorithm. - * + * * @author Benjamin Renaud - * + * * @version 1.52, 97/12/10 - * + * * @see DSAPrivateKey * @see AlgIdDSA * @see DSA @@ -54,7 +54,7 @@ public final class DSAPublicKey extends X509Key private BigInteger y; /* - * Keep this constructor for backwards compatibility with JDK1.1. + * Keep this constructor for backwards compatibility with JDK1.1. */ public DSAPublicKey() { } @@ -110,7 +110,7 @@ public final class DSAPublicKey extends X509Key /** * Get the raw public value, y, without the parameters. - * + * */ public BigInteger getY() { return y; diff --git a/base/util/src/netscape/security/provider/MD5.java b/base/util/src/netscape/security/provider/MD5.java index d7aeacaee..00d3a4c29 100644 --- a/base/util/src/netscape/security/provider/MD5.java +++ b/base/util/src/netscape/security/provider/MD5.java @@ -24,7 +24,7 @@ import java.security.MessageDigestSpi; * The MD5 class is used to compute an MD5 message digest over a given * buffer of bytes. It is an implementation of the RSA Data Security Inc * MD5 algorithim as described in internet RFC 1321. - * + * * @version 1.24 97/12/10 * @author Chuck McManis * @author Benjamin Renaud diff --git a/base/util/src/netscape/security/provider/RSAPublicKey.java b/base/util/src/netscape/security/provider/RSAPublicKey.java index 4c65b4fa0..a70d1aeee 100644 --- a/base/util/src/netscape/security/provider/RSAPublicKey.java +++ b/base/util/src/netscape/security/provider/RSAPublicKey.java @@ -31,19 +31,19 @@ import netscape.security.x509.X509Key; /** * An X.509 public key for the RSA Algorithm. - * + * * @author galperin - * + * * @version $Revision$, $Date$ - * + * */ public final class RSAPublicKey extends X509Key implements Serializable { /* XXX This currently understands only PKCS#1 RSA Encryption OID and parameter format - Later we may consider adding X509v3 OID for RSA keys. Besides - different OID it also has a parameter equal to modulus size + Later we may consider adding X509v3 OID for RSA keys. Besides + different OID it also has a parameter equal to modulus size in bits (redundant!) */ @@ -59,7 +59,7 @@ public final class RSAPublicKey extends X509Key implements Serializable { private BigInt publicExponent; /* - * Keep this constructor for backwards compatibility with JDK1.1. + * Keep this constructor for backwards compatibility with JDK1.1. */ public RSAPublicKey() { } @@ -97,7 +97,7 @@ public final class RSAPublicKey extends X509Key implements Serializable { /** * Get key size as number of bits in modulus * (Always rounded up to a multiple of 8) - * + * */ public int getKeySize() { return this.modulus.byteLength() * 8; @@ -105,7 +105,7 @@ public final class RSAPublicKey extends X509Key implements Serializable { /** * Get the raw public exponent - * + * */ public BigInt getPublicExponent() { return this.publicExponent; @@ -113,7 +113,7 @@ public final class RSAPublicKey extends X509Key implements Serializable { /** * Get the raw modulus - * + * */ public BigInt getModulus() { return this.modulus; diff --git a/base/util/src/netscape/security/provider/SHA.java b/base/util/src/netscape/security/provider/SHA.java index 42a6b8b90..c19992309 100644 --- a/base/util/src/netscape/security/provider/SHA.java +++ b/base/util/src/netscape/security/provider/SHA.java @@ -25,11 +25,11 @@ import java.security.MessageDigestSpi; * the National Institute of Standards and Technology along with the * National Security Agency. This is the updated version of SHA * fip-180 as superseded by fip-180-1. - * + * *

* It implement JavaSecurity MessageDigest, and can be used by in the Java Security framework, as a pluggable * implementation, as a filter for the digest stream classes. - * + * * @version 1.30 97/12/10 * @author Roger Riggs * @author Benjamin Renaud @@ -38,7 +38,7 @@ import java.security.MessageDigestSpi; public class SHA extends MessageDigestSpi implements Cloneable { /* This private hookm controlled by the appropriate constructor, - causes this class to implement the first version of SHA, + causes this class to implement the first version of SHA, as defined in FIPS 180, as opposed to FIPS 180-1. This was useful for DSA testing. */ private int version = 1; @@ -81,7 +81,7 @@ public class SHA extends MessageDigestSpi implements Cloneable { /** * Update a byte. - * + * * @param b the byte */ private void engineUpdate(int b) { @@ -105,7 +105,7 @@ public class SHA extends MessageDigestSpi implements Cloneable { /** * Update a buffer. - * + * * @param b the data to be updated. * @param off the start offset in the data * @param len the number of bytes to be updated. @@ -256,11 +256,11 @@ public class SHA extends MessageDigestSpi implements Cloneable { /** * Compute a the hash for the current block. - * + * * This is in the same vein as Peter Gutmann's algorithm listed in * the back of Applied Cryptography, Compact implementation of * "old" NIST Secure Hash Algorithm. - * + * */ private void computeBlock() { int temp, a, b, c, d, e; diff --git a/base/util/src/netscape/security/provider/Sun.java b/base/util/src/netscape/security/provider/Sun.java index df384aeab..e056b7bb1 100644 --- a/base/util/src/netscape/security/provider/Sun.java +++ b/base/util/src/netscape/security/provider/Sun.java @@ -22,32 +22,32 @@ import java.security.Provider; /** * The SUN Security Provider. * - * @author Benjamin Renaud + * @author Benjamin Renaud * * @version 1.24, 97/12/10 */ /** * Defines the SUN provider. - * + * * Algorithm supported, and their names: - * + * * - SHA-1 is the message digest scheme decribed FIPS 180-1. * Aliases for SHA-1 are SHA. - * + * * - DSA is the signature scheme described in FIPS 186. (SHA used in * DSA is SHA-1: FIPS 186 with Change No 1.) Aliases for DSA are * SHA/DSA, SHA-1/DSA, SHA1/DSA, DSS and the object identifier * strings "OID.1.3.14.3.2.13", "OID.1.3.14.3.2.27" and * "OID.1.2.840.10040.4.3". - * + * * - DSA is the key generation scheme as described in FIPS 186. * Aliases for DSA include the OID strings "OID.1.3.14.3.2.12" * and "OID.1.2.840.10040.4.1". - * + * * - MD5 is the message digest scheme described in RFC 1321. * There are no aliases for MD5. - * + * * Notes: The name of algorithm described in FIPS-180 is SHA-0, and is * not supported by the SUN provider.) */ @@ -69,7 +69,7 @@ public final class Sun extends Provider { // AccessController.beginPrivileged(); /* - * Signature engines + * Signature engines */ put("Signature.DSA", "netscape.security.provider.DSA"); @@ -89,7 +89,7 @@ public final class Sun extends Provider { put("Alg.Alias.Signature.SHA1withDSA", "DSA"); /* - * Key Pair Generator engines + * Key Pair Generator engines */ put("KeyPairGenerator.DSA", "netscape.security.provider.DSAKeyPairGenerator"); @@ -101,8 +101,8 @@ public final class Sun extends Provider { put("Alg.Alias.KeyPairGenerator.1.3.14.3.2.12", "DSA"); put("Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1", "DSA"); - /* - * Digest engines + /* + * Digest engines */ put("MessageDigest.MD5", "netscape.security.provider.MD5"); put("MessageDigest.SHA-1", "netscape.security.provider.SHA"); diff --git a/base/util/src/netscape/security/util/ASN1CharStrConvMap.java b/base/util/src/netscape/security/util/ASN1CharStrConvMap.java index c9c364f4f..912b363e5 100644 --- a/base/util/src/netscape/security/util/ASN1CharStrConvMap.java +++ b/base/util/src/netscape/security/util/ASN1CharStrConvMap.java @@ -28,13 +28,13 @@ import java.util.Map; * Maps a ASN.1 character string type to a charset encoder and decoder. * The converter is used to convert a DerValue of a ASN.1 character string type * from bytes to unicode characters and vice versa. - * + * *

* A global default ASN1CharStrConvMap is created when the class is initialized. The global default map is extensible. - * + * * @author Lily Hsiao * @author Slava Galperin - * + * */ public class ASN1CharStrConvMap { @@ -48,10 +48,10 @@ public class ASN1CharStrConvMap { /** * Get an encoder for the specified DER tag. - * + * * @param tag A DER tag of a ASN.1 character string type, * for example DerValue.tag_PrintableString. - * + * * @return An encoder for the DER tag. */ public CharsetEncoder getEncoder(byte tag) { @@ -63,10 +63,10 @@ public class ASN1CharStrConvMap { /** * Get a decoder for the given DER tag. - * + * * @param tag A DER tag of a ASN.1 character string type, * for example DerValue.tag_PrintableString. - * + * * @return A decoder for the DER tag. */ public CharsetDecoder getDecoder(byte tag) { @@ -78,7 +78,7 @@ public class ASN1CharStrConvMap { /** * Add a tag-charset entry in the map. - * + * * @param tag A DER tag of a ASN.1 character string type, * ex. DerValue.tag_IA5String * @param charset A charset for the tag. @@ -101,7 +101,7 @@ public class ASN1CharStrConvMap { /** * Get an iterator of all tags in the map. - * + * * @return An Iterator of DER tags in the map as Bytes. */ public Iterator getTags() { @@ -112,7 +112,7 @@ public class ASN1CharStrConvMap { /** * Get the global ASN1CharStrConvMap. - * + * * @return The global default ASN1CharStrConvMap. */ static public ASN1CharStrConvMap getDefault() { @@ -121,7 +121,7 @@ public class ASN1CharStrConvMap { /** * Set the global default ASN1CharStrConvMap. - * + * * @param newDefault The new default ASN1CharStrConvMap. */ static public void setDefault(ASN1CharStrConvMap newDefault) { diff --git a/base/util/src/netscape/security/util/BigInt.java b/base/util/src/netscape/security/util/BigInt.java index 9210648f1..aed24e7ad 100644 --- a/base/util/src/netscape/security/util/BigInt.java +++ b/base/util/src/netscape/security/util/BigInt.java @@ -25,12 +25,12 @@ import java.math.BigInteger; * such parsed values. Convert to "BigInteger" if you need to do * arbitrary precision arithmetic, rather than just represent * the number as a wrapped array of bytes. - * + * *

* NOTE: This class may eventually disappear, to * be supplanted by big-endian byte arrays which hold both signed * and unsigned arbitrary-precision integers. - * + * * @version 1.23 * @author David Brownell */ @@ -42,7 +42,7 @@ public final class BigInt { /** * Constructs a "Big" integer from a set of (big-endian) bytes. * Leading zeroes should be stripped off. - * + * * @param data a sequence of bytes, most significant bytes/digits * first. CONSUMED. */ @@ -80,7 +80,7 @@ public final class BigInt { /** * Constructs a "Big" integer from a normal Java integer. - * + * * @param i the java primitive integer */ public BigInt(int i) { @@ -107,7 +107,7 @@ public final class BigInt { /** * Converts the "big" integer to a java primitive integer. - * + * * @exception NumberFormatException if 32 bits is insufficient. */ public int toInt() { @@ -181,7 +181,7 @@ public final class BigInt { /** * Returns true iff the parameter is a numerically equivalent * BigInt. - * + * * @param other the object being compared with this one. */ public boolean equals(Object other) { @@ -192,7 +192,7 @@ public final class BigInt { /** * Returns true iff the parameter is numerically equivalent. - * + * * @param other the BigInt being compared with this one. */ public boolean equals(BigInt other) { diff --git a/base/util/src/netscape/security/util/BitArray.java b/base/util/src/netscape/security/util/BitArray.java index ab77c226e..e37de4eb5 100644 --- a/base/util/src/netscape/security/util/BitArray.java +++ b/base/util/src/netscape/security/util/BitArray.java @@ -21,7 +21,7 @@ import java.io.ByteArrayOutputStream; /** * A packed array of booleans. - * + * * @author Joshua Bloch * @author Douglas Hoover * @version 1.2 97/12/10 @@ -78,7 +78,7 @@ public class BitArray { int unusedBits = repLength * BITS_PER_UNIT - length; byte bitMask = (byte) (0xFF << unusedBits); - /* + /* normalize the representation: 1. discard extra bytes 2. zero out extra bits in the last byte @@ -191,7 +191,7 @@ public class BitArray { /** * Returns a hash code value for this bit array. - * + * * @return a hash code value for this bit array. */ public int hashCode() { diff --git a/base/util/src/netscape/security/util/ByteArrayLexOrder.java b/base/util/src/netscape/security/util/ByteArrayLexOrder.java index 2ee2f740e..48954850e 100644 --- a/base/util/src/netscape/security/util/ByteArrayLexOrder.java +++ b/base/util/src/netscape/security/util/ByteArrayLexOrder.java @@ -21,7 +21,7 @@ import java.util.Comparator; /** * Compare two byte arrays in lexicographical order. - * + * * @version 1.4 97/12/10 * @author D. N. Hoover */ @@ -33,12 +33,12 @@ public class ByteArrayLexOrder implements Comparator { * in order until they differ--the array with the smaller entry * is "smaller". If array entries are * equal till one array ends, then the longer array is "bigger". - * + * * @param obj1 first byte array to compare. * @param obj2 second byte array to compare. * @return negative number if obj1 < obj2, 0 if obj1 == obj2, * positive number if obj1 > obj2. - * + * * @exception ClassCastException if either argument is not a byte array. */ public final int compare(byte[] bytes1, byte[] bytes2) { diff --git a/base/util/src/netscape/security/util/ByteArrayTagOrder.java b/base/util/src/netscape/security/util/ByteArrayTagOrder.java index e57a3b5f1..40a627627 100644 --- a/base/util/src/netscape/security/util/ByteArrayTagOrder.java +++ b/base/util/src/netscape/security/util/ByteArrayTagOrder.java @@ -25,18 +25,18 @@ public class ByteArrayTagOrder implements Comparator { * Compare two byte arrays, by the order of their tags, * as defined in ITU-T X.680, sec. 6.4. (First compare * tag classes, then tag numbers, ignoring the constructivity bit.) - * + * * @param obj1 first byte array to compare. * @param obj2 second byte array to compare. * @return negative number if obj1 < obj2, 0 if obj1 == obj2, * positive number if obj1 > obj2. - * + * * @exception ClassCastException if either argument is not a byte array. */ public final int compare(byte[] bytes1, byte[] bytes2) { - // tag order is same as byte order ignoring any difference in + // tag order is same as byte order ignoring any difference in // the constructivity bit (0x02) return (bytes1[0] | 0x20) - (bytes2[0] | 0x20); } diff --git a/base/util/src/netscape/security/util/CertPrettyPrint.java b/base/util/src/netscape/security/util/CertPrettyPrint.java index 3a8c65fd0..7dfbf1588 100644 --- a/base/util/src/netscape/security/util/CertPrettyPrint.java +++ b/base/util/src/netscape/security/util/CertPrettyPrint.java @@ -40,7 +40,7 @@ import org.mozilla.jss.pkcs7.SignedData; /** * This class will display the certificate content in predefined * format. - * + * * @author Jack Pan-Chen * @version $Revision$, $Date$ */ @@ -82,7 +82,7 @@ public class CertPrettyPrint { /** * This method return string representation of the certificate * in predefined format using specified client local. I18N Support. - * + * * @param clientLocale Locale to be used for localization * @return string representation of the certificate */ diff --git a/base/util/src/netscape/security/util/CrlPrettyPrint.java b/base/util/src/netscape/security/util/CrlPrettyPrint.java index edf1217ea..77c1e196f 100644 --- a/base/util/src/netscape/security/util/CrlPrettyPrint.java +++ b/base/util/src/netscape/security/util/CrlPrettyPrint.java @@ -32,7 +32,7 @@ import netscape.security.x509.X509CRLImpl; /** * This class will display the certificate content in predefined * format. - * + * * @author Andrew Wnuk * @version $Revision$, $Date$ */ @@ -66,7 +66,7 @@ public class CrlPrettyPrint { * This method return string representation of the certificate * revocation list in predefined format using specified client * local. I18N Support. - * + * * @param clientLocale Locale to be used for localization * @return string representation of the certificate */ diff --git a/base/util/src/netscape/security/util/DerEncoder.java b/base/util/src/netscape/security/util/DerEncoder.java index c2eb64fc0..b19ca2cd2 100644 --- a/base/util/src/netscape/security/util/DerEncoder.java +++ b/base/util/src/netscape/security/util/DerEncoder.java @@ -23,7 +23,7 @@ import java.io.OutputStream; /** * Interface to an object that knows how to write its own DER * encoding to an output stream. - * + * * @version 1.2 97/12/10 * @author D. N. Hoover */ @@ -31,7 +31,7 @@ public interface DerEncoder { /** * DER encode this object and write the results to a stream. - * + * * @param out the stream on which the DER encoding is written. */ public void derEncode(OutputStream out) diff --git a/base/util/src/netscape/security/util/DerInputBuffer.java b/base/util/src/netscape/security/util/DerInputBuffer.java index 7534f3d06..429bf4d6a 100644 --- a/base/util/src/netscape/security/util/DerInputBuffer.java +++ b/base/util/src/netscape/security/util/DerInputBuffer.java @@ -27,7 +27,7 @@ import java.io.OutputStream; * does so with impunity, since it's not intended to be exposed to the * anyone who could violate the "typed value stream" DER model and hence * corrupt the input stream of DER values. - * + * * @version 1.11 * @author David Brownell */ diff --git a/base/util/src/netscape/security/util/DerInputStream.java b/base/util/src/netscape/security/util/DerInputStream.java index 20ced6757..7508f81b9 100644 --- a/base/util/src/netscape/security/util/DerInputStream.java +++ b/base/util/src/netscape/security/util/DerInputStream.java @@ -31,18 +31,18 @@ import java.util.Vector; * the advantage that it allows only a single encoding of primitive data. * (High level data such as dates still support many encodings.) That is, * it uses the "Definite" Encoding Rules (DER) not the "Basic" ones (BER). - * + * *

* Note that, like BER/1, DER streams are streams of explicitly tagged data values. Accordingly, this programming * interface does not expose any variant of the java.io.InputStream interface, since that kind of input stream holds * untagged data values and using that I/O model could prevent correct parsing of the DER data. - * + * *

* At this time, this class supports only a subset of the types of DER data encodings which are defined. That subset is * sufficient for parsing most X.509 certificates. - * + * * @version 1.35 - * + * * @author David Brownell * @author Amit Kapoor * @author Hemma Prafullchandra @@ -60,7 +60,7 @@ public class DerInputStream { * Create a DER input stream from a data buffer. The buffer is not * copied, it is shared. Accordingly, the buffer should be treated * as read-only. - * + * * @param data the buffer from which to create the string (CONSUMED) */ public DerInputStream(byte[] data) { @@ -72,7 +72,7 @@ public class DerInputStream { * Create a DER input stream from part of a data buffer. * The buffer is not copied, it is shared. Accordingly, the * buffer should be treated as read-only. - * + * * @param data the buffer from which to create the string (CONSUMED) * @param offset the first index of data which will * be read as DER input in the new stream @@ -91,7 +91,7 @@ public class DerInputStream { /** * Creates a new DER input stream from part of this input stream. - * + * * @param len how long a chunk of the current input stream to use, * starting at the current position. * @param do_skip true if the existing data in the input stream should @@ -173,8 +173,8 @@ public class DerInputStream { int length = getLength(buffer) - 1; /* - * First byte = number of excess bits in the last octet of the - * representation. + * First byte = number of excess bits in the last octet of the + * representation. */ int validBits = length * 8 - buffer.read(); @@ -231,7 +231,7 @@ public class DerInputStream { * ordered, and they are often used, like a "struct" in C or C++, * to group data values. They may have optional or context * specific values. - * + * * @param startLen guess about how long the sequence will be * (used to initialize an auto-growing data structure) * @return array of the values in the sequence @@ -256,7 +256,7 @@ public class DerInputStream { * though DER may specify an order for some kinds of sets (such * as the attributes in an X.500 relative distinguished name) * to facilitate binary comparisons of encoded values. - * + * * @param startLen guess about how large the set will be * (used to initialize an auto-growing data structure) * @return array of the values in the sequence @@ -272,7 +272,7 @@ public class DerInputStream { * though DER may specify an order for some kinds of sets (such * as the attributes in an X.500 relative distinguished name) * to facilitate binary comparisons of encoded values. - * + * * @param startLen guess about how large the set will be * (used to initialize an auto-growing data structure) * @param implicit if true tag is assumed implicit. @@ -299,7 +299,7 @@ public class DerInputStream { if (len == 0) // return empty array instead of null, which should be - // used only for missing optionals + // used only for missing optionals return new DerValue[0]; /* diff --git a/base/util/src/netscape/security/util/DerOutputStream.java b/base/util/src/netscape/security/util/DerOutputStream.java index 62290d604..df16d0b38 100644 --- a/base/util/src/netscape/security/util/DerOutputStream.java +++ b/base/util/src/netscape/security/util/DerOutputStream.java @@ -36,13 +36,13 @@ import java.util.TimeZone; * Output stream marshaling DER-encoded data. This is eventually provided * in the form of a byte array; there is no advance limit on the size of * that byte array. - * + * *

* At this time, this class supports only a subset of the types of DER data encodings which are defined. That subset is * sufficient for generating most X.509 certificates. - * + * * @version 1.32 - * + * * @author David Brownell * @author Amit Kapoor * @author Hemma Prafullchandra @@ -51,7 +51,7 @@ public class DerOutputStream extends ByteArrayOutputStream implements DerEncoder { /** * Construct an DER output stream. - * + * * @param size how large a buffer to preallocate. */ public DerOutputStream(int size) { @@ -68,7 +68,7 @@ public class DerOutputStream * Writes tagged, pre-marshaled data. This calcuates and encodes * the length, so that the output data is the standard triple of * { tag, length, data } used by all DER values. - * + * * @param tag the DER value tag for the data, such as DerValue.tag_Sequence * @param buf buffered data, which must be DER-encoded */ @@ -82,7 +82,7 @@ public class DerOutputStream * Writes tagged data using buffer-to-buffer copy. As above, * this writes a standard DER record. This is often used when * efficiently encapsulating values in sequences. - * + * * @param tag the DER value tag for the data, such as DerValue.tag_Sequence * @param out buffered data */ @@ -96,14 +96,14 @@ public class DerOutputStream * Writes implicitly tagged data using buffer-to-buffer copy. As above, * this writes a standard DER record. This is often used when * efficiently encapsulating implicitly tagged values. - * + * * @param tag the DER value of the context-specific tag that replaces * original tag of the value in the output , such as in - * + * * 

      * 	  [N] IMPLICIT 
      *
- * + * * For example, FooLength [1] IMPLICIT INTEGER, with value=4; * would be encoded as "81 01 04" whereas in explicit * tagging it would be encoded as "A1 03 02 01 04". @@ -236,7 +236,7 @@ public class DerOutputStream /** * Marshals a DER bit string on the output stream. The bit * string must be byte-aligned. - * + * * @param bits the bit string, MSB first */ public void putBitString(byte[] bits) throws IOException { @@ -297,7 +297,7 @@ public class DerOutputStream byte lastByte = bitString[maxIndex]; length = (maxIndex + 1) * 8; // maximum, might reduce in next step - // now find the last 1 bit in this last byte + // now find the last 1 bit in this last byte for (i = 1; i <= 0x80; i <<= 1) { if ((lastByte & i) == 0) { length--; @@ -311,7 +311,7 @@ public class DerOutputStream /** * Marshals a DER bit string on the output stream. * The bit strings need not be byte-aligned. - * + * * @param bits the bit string, MSB first */ public void putUnalignedBitString(BitArray ba) throws IOException { @@ -327,7 +327,7 @@ public class DerOutputStream * Marshals a DER bit string on the output stream. * All trailing 0 bits will be stripped off in accordance with DER * encoding. - * + * * @param bits the bit string, MSB first */ public void putUnalignedBitString(byte[] bitString) throws IOException { @@ -338,7 +338,7 @@ public class DerOutputStream * Marshals a DER bit string on the output stream. * All trailing 0 bits will be stripped off in accordance with DER * encoding. - * + * * @param bits the bit string as an array of booleans. */ public void putUnalignedBitString(boolean[] bitString) throws IOException { @@ -347,7 +347,7 @@ public class DerOutputStream /** * DER-encodes an ASN.1 OCTET STRING value on the output stream. - * + * * @param octets the octet string */ public void putOctetString(byte[] octets) throws IOException { @@ -390,7 +390,7 @@ public class DerOutputStream * Marshals the contents of a set on the output stream without * ordering the elements. Ok for BER encoding, but not for DER * encoding. - * + * * For DER encoding, use orderedPutSet() or orderedPutSetOf(). */ public void putSet(DerValue[] set) throws IOException { @@ -419,7 +419,7 @@ public class DerOutputStream * set elements be sorted into ascending lexicographical order * before being output. Hence sets with the same tags and * elements have the same DER encoding. - * + * * This method supports the ASN.1 "SET OF" construct, but not * "SET", which uses a different order. */ @@ -433,7 +433,7 @@ public class DerOutputStream * set elements be sorted into ascending tag order * before being output. Hence sets with the same tags and * elements have the same DER encoding. - * + * * This method supports the ASN.1 "SET" construct, but not * "SET OF", which uses a different order. */ @@ -456,7 +456,7 @@ public class DerOutputStream /** * Marshals a the contents of a set on the output stream with the * encodings of its sorted in increasing order. - * + * * @param order the order to use when sorting encodings of components. */ private void putOrderedSet(byte tag, DerEncoder[] set, @@ -612,7 +612,7 @@ public class DerOutputStream /** * Marshals a DER UTC time/date value. - * + * *

* YYMMDDhhmmss{Z|+hhmm|-hhmm} ... emits only using Zulu time and with seconds (even if seconds=0) as per IETF-PKIX * partI. @@ -642,7 +642,7 @@ public class DerOutputStream /** * Marshals a DER Generalized Time/date value. - * + * *

* YYYYMMDDhhmmss{Z|+hhmm|-hhmm} ... emits only using Zulu time and with seconds (even if seconds=0) as per * IETF-PKIX partI. @@ -669,7 +669,7 @@ public class DerOutputStream /** * Put the encoding of the length in the stream. - * + * * @param len the length of the attribute. * @exception IOException on writing errors. */ @@ -703,7 +703,7 @@ public class DerOutputStream /** * Put the tag of the attribute in the stream. - * + * * @param class the tag class type, one of UNIVERSAL, CONTEXT, * APPLICATION or PRIVATE * @param form if true, the value is constructed, otherwise it is @@ -720,7 +720,7 @@ public class DerOutputStream /** * Write the current contents of this DerOutputStream to an OutputStream. - * + * * @exception IOException on output error. */ public void derEncode(OutputStream out) throws IOException { diff --git a/base/util/src/netscape/security/util/DerValue.java b/base/util/src/netscape/security/util/DerValue.java index 71b6f7f2c..40215626a 100644 --- a/base/util/src/netscape/security/util/DerValue.java +++ b/base/util/src/netscape/security/util/DerValue.java @@ -34,18 +34,18 @@ import netscape.security.x509.GenericValueConverter; * Represents a single DER-encoded value. DER encoding rules are a subset * of the "Basic" Encoding Rules (BER), but they only support a single way * ("Definite" encoding) to encode any given value. - * + * *

* All DER-encoded data are triples {type, length, data}. This class represents such tagged values as they have * been read (or constructed), and provides structured access to the encoded data. - * + * *

* At this time, this class supports only a subset of the types of DER data encodings which are defined. That subset is * sufficient for parsing most X.509 certificates, and working with selected additional formats (such as PKCS #10 * certificate requests, and some kinds of PKCS #7 data). - * + * * @version 1.43 - * + * * @author David Brownell * @author Amit Kapoor * @author Hemma Prafullchandra @@ -215,7 +215,7 @@ public class DerValue { /** * Creates a DerValue from a tag and some DER-encoded data. - * + * * @param tag the DER type tag * @param data the DER-encoded data */ @@ -229,7 +229,7 @@ public class DerValue { /** * Creates a DerValue from a tag and some DER-encoded data. - * + * * @param tag the DER type tag * @param data the DER-encoded data * @param offset offset of the data @@ -264,7 +264,7 @@ public class DerValue { * Get an ASN.1/DER encoded datum from a buffer. The * entire buffer must hold exactly one datum, including * its tag and length. - * + * * @param buf buffer holding a single DER-encoded datum. */ public DerValue(byte[] buf) throws IOException { @@ -275,7 +275,7 @@ public class DerValue { * Get an ASN.1/DER encoded datum from part of a buffer. * That part of the buffer must hold exactly one datum, including * its tag and length. - * + * * @param buf the buffer * @param offset start point of the single DER-encoded dataum * @param length how many bytes are in the encoded datum @@ -287,7 +287,7 @@ public class DerValue { /** * Get an ASN1/DER encoded datum from an input stream. The * stream may have additional data following the encoded datum. - * + * * @param in the input stream holding a single DER datum, * which may be followed by additional data */ @@ -336,7 +336,7 @@ public class DerValue { /** * Returns an ASN.1 BOOLEAN - * + * * @return the boolean held in this DER value */ public boolean getBoolean() throws IOException { @@ -354,7 +354,7 @@ public class DerValue { /** * Returns an ASN.1 OBJECT IDENTIFIER. - * + * * @return the OID held in this DER value */ public ObjectIdentifier getOID() throws IOException { @@ -365,7 +365,7 @@ public class DerValue { /** * Returns an ASN.1 OCTET STRING - * + * * @return the octet string held in this DER value */ public byte[] getOctetString() throws IOException { @@ -382,7 +382,7 @@ public class DerValue { /** * Returns an ASN.1 unsigned integer value of enumerated value. - * + * * @return the (unsigned) integer held in this DER value */ public int getEnumerated() @@ -412,7 +412,7 @@ public class DerValue { /** * Returns an ASN.1 unsigned INTEGER value. - * + * * @return the (unsigned) integer held in this DER value */ public BigInt getInteger() throws IOException { @@ -424,7 +424,7 @@ public class DerValue { /** * Returns an ASN.1 unsigned INTEGER value, the parameter determining * if the tag is implicit. - * + * * @param tagImplicit if true, ignores the tag value as it is * assumed implicit. * @return the (unsigned) integer held in this DER value @@ -441,7 +441,7 @@ public class DerValue { /** * Returns an ASN.1 BIT STRING value. The bit string must be byte-aligned. - * + * * @return the bit string held in this value */ public byte[] getBitString() throws IOException { @@ -454,7 +454,7 @@ public class DerValue { /** * Returns an ASN.1 BIT STRING value that need not be byte-aligned. - * + * * @return a BitArray representing the bit string held in this value */ public BitArray getUnalignedBitString() throws IOException { @@ -477,7 +477,7 @@ public class DerValue { /** * Returns an ASN.1 BIT STRING value, with the tag assumed implicit * based on the parameter. The bit string must be byte-aligned. - * + * * @param tagImplicit if true, the tag is assumed implicit. * @return the bit string held in this value */ @@ -493,7 +493,7 @@ public class DerValue { /** * Returns an ASN.1 BIT STRING value, with the tag assumed implicit * based on the parameter. The bit string need not be byte-aligned. - * + * * @param tagImplicit if true, the tag is assumed implicit. * @return the bit string held in this value */ @@ -509,7 +509,7 @@ public class DerValue { /** * Returns an ASN.1 STRING value - * + * * @return the printable string held in this value */ public String getPrintableString() @@ -546,7 +546,7 @@ public class DerValue { /** * Returns an ASN.1 T61 (Teletype) STRING value - * + * * @return the teletype string held in this value */ public String getT61String() throws IOException { @@ -559,7 +559,7 @@ public class DerValue { /** * Returns an ASN.1 IA5 (ASCII) STRING value - * + * * @return the ASCII string held in this value */ public String getIA5String() throws IOException { @@ -600,7 +600,7 @@ public class DerValue { /** * Returns true iff the other object is a DER value which * is bitwise equal to this one. - * + * * @param other the object being compared with this one */ public boolean equals(Object other) { @@ -614,7 +614,7 @@ public class DerValue { * Bitwise equality comparison. DER encoded values have a single * encoding, so that bitwise equality of the encoded values is an * efficient way to establish equivalence of the unencoded values. - * + * * @param other the object being compared with this one */ public boolean equals(DerValue other) { @@ -631,7 +631,7 @@ public class DerValue { /** * Returns a printable representation of the value. - * + * * @return printable representation of the value */ public String toString() { @@ -656,7 +656,7 @@ public class DerValue { /** * Returns a DER-encoded value, such that if it's passed to the * DerValue constructor, a value equivalent to "this" is returned. - * + * * @return DER-encoded value, including tag and length. */ public byte[] toByteArray() throws IOException { @@ -688,7 +688,7 @@ public class DerValue { /** * Create the tag of the attribute. - * + * * @param class the tag class type, one of UNIVERSAL, CONTEXT, * APPLICATION or PRIVATE * @param form if true, the value is constructed, otherwise it @@ -706,7 +706,7 @@ public class DerValue { /** * Set the tag of the attribute. Commonly used to reset the * tag value used for IMPLICIT encodings. - * + * * @param tag the tag value */ public void resetTag(byte tag) { diff --git a/base/util/src/netscape/security/util/ExtPrettyPrint.java b/base/util/src/netscape/security/util/ExtPrettyPrint.java index 90d0d094f..c0e9050ea 100644 --- a/base/util/src/netscape/security/util/ExtPrettyPrint.java +++ b/base/util/src/netscape/security/util/ExtPrettyPrint.java @@ -80,7 +80,7 @@ import netscape.security.x509.UserNotice; /** * This class will display the certificate content in predefined * format. - * + * * @author Andrew Wnuk * @version $Revision$, $Date$ */ @@ -115,7 +115,7 @@ public class ExtPrettyPrint { /** * This method return string representation of the certificate * in predefined format using specified client local. I18N Support. - * + * * @param clientLocale Locale to be used for localization * @return string representation of the certificate */ diff --git a/base/util/src/netscape/security/util/IA5CharsetDecoder.java b/base/util/src/netscape/security/util/IA5CharsetDecoder.java index 620d65aca..106bf9fb7 100644 --- a/base/util/src/netscape/security/util/IA5CharsetDecoder.java +++ b/base/util/src/netscape/security/util/IA5CharsetDecoder.java @@ -26,7 +26,7 @@ import java.nio.charset.CodingErrorAction; /** * Converts bytes in ASN.1 IA5String character set to IA5String characters. - * + * * @author Lily Hsiao * @author Slava Galperin */ diff --git a/base/util/src/netscape/security/util/IA5CharsetEncoder.java b/base/util/src/netscape/security/util/IA5CharsetEncoder.java index dad0c9a2d..6581e95b1 100644 --- a/base/util/src/netscape/security/util/IA5CharsetEncoder.java +++ b/base/util/src/netscape/security/util/IA5CharsetEncoder.java @@ -26,7 +26,7 @@ import java.nio.charset.CodingErrorAction; /** * Converts characters in ASN.1 IA5String character set to IA5String bytes. - * + * * @author Lily Hsiao * @author Slava Galperin */ diff --git a/base/util/src/netscape/security/util/ObjectIdentifier.java b/base/util/src/netscape/security/util/ObjectIdentifier.java index 6ff02d1b0..a1d7b0a75 100644 --- a/base/util/src/netscape/security/util/ObjectIdentifier.java +++ b/base/util/src/netscape/security/util/ObjectIdentifier.java @@ -24,19 +24,19 @@ import java.util.StringTokenizer; /** * Represent an ISO Object Identifier. - * + * *

* Object Identifiers are arbitrary length hierarchical identifiers. The individual components are numbers, and they * define paths from the root of an ISO-managed identifier space. You will sometimes see a string name used instead of * (or in addition to) the numerical id. These are synonyms for the numerical IDs, but are not widely used since most * sites do not know all the requisite strings, while all sites can parse the numeric forms. - * + * *

* So for example, JavaSoft has the sole authority to assign the meaning to identifiers below the 1.3.6.1.4.42.2.17 node * in the hierarchy, and other organizations can easily acquire the ability to assign such unique identifiers. - * + * * @version 1.23 - * + * * @author David Brownell * @author Amit Kapoor * @author Hemma Prafullchandra @@ -95,11 +95,11 @@ final public class ObjectIdentifier implements Serializable { * Constructs an object ID from an ASN.1 encoded input stream. * The encoding of the ID in the stream uses "DER", a BER/1 subset. * In this case, that means a triple { typeId, length, data }. - * + * *

* NOTE: When an exception is thrown, the input stream has not been returned to its "initial" * state. - * + * * @param in DER-encoded data holding an object ID * @exception IOException indicates a decoding error */ @@ -275,7 +275,7 @@ final public class ObjectIdentifier implements Serializable { /** * Compares this identifier with another, for sorting purposes. * An identifier does not precede itself. - * + * * @param other identifer that may precede this one. * @return true iff other precedes this one * in a particular sorting order. @@ -308,7 +308,7 @@ final public class ObjectIdentifier implements Serializable { /** * Compares this identifier with another, for equality. - * + * * @return true iff the names are identical. */ public boolean equals(ObjectIdentifier other) { @@ -372,7 +372,7 @@ final public class ObjectIdentifier implements Serializable { * should help reduces in-memory Object Identifier object. * This function also provide additional checking on the OID. * A valid OID should start with 0, 1, or 2. - * + * * Notes: * This function never returns null. IOException is raised * in error conditions. diff --git a/base/util/src/netscape/security/util/PrettyPrintFormat.java b/base/util/src/netscape/security/util/PrettyPrintFormat.java index 25bc23d26..4bbc87936 100644 --- a/base/util/src/netscape/security/util/PrettyPrintFormat.java +++ b/base/util/src/netscape/security/util/PrettyPrintFormat.java @@ -20,7 +20,7 @@ package netscape.security.util; /** * This class will display the certificate content in predefined * format. - * + * * @author Andrew Wnuk * @version $Revision$, $Date$ */ @@ -74,7 +74,7 @@ public class PrettyPrintFormat { /** * Provide white space indention * stevep - speed improvements. Factor of 10 improvement - * + * * @param numSpace number of white space to be returned * @return white spaces */ @@ -90,7 +90,7 @@ public class PrettyPrintFormat { /** * Convert Byte Array to Hex String Format * stevep - speedup by factor of 8 - * + * * @param byte array of data to hexify * @param indentSize number of spaces to prepend before each line * @param lineLen number of bytes to output on each line (0 diff --git a/base/util/src/netscape/security/util/PrettyPrintResources.java b/base/util/src/netscape/security/util/PrettyPrintResources.java index a3f068f64..2c91a0ef0 100644 --- a/base/util/src/netscape/security/util/PrettyPrintResources.java +++ b/base/util/src/netscape/security/util/PrettyPrintResources.java @@ -24,7 +24,7 @@ import netscape.security.x509.KeyUsageExtension; /** * Resource Boundle for the Pretty Print - * + * * @author Jack Pan-Chen * @version $Revision$, $Date$ */ diff --git a/base/util/src/netscape/security/util/PrintableCharsetDecoder.java b/base/util/src/netscape/security/util/PrintableCharsetDecoder.java index 014095494..cf557d492 100644 --- a/base/util/src/netscape/security/util/PrintableCharsetDecoder.java +++ b/base/util/src/netscape/security/util/PrintableCharsetDecoder.java @@ -27,7 +27,7 @@ import java.nio.charset.CodingErrorAction; /** * Converts bytes in ASN.1 PrintableString character set to PrintableString * characters. - * + * * @author Lily Hsiao * @author Slava Galperin */ diff --git a/base/util/src/netscape/security/util/PrintableCharsetEncoder.java b/base/util/src/netscape/security/util/PrintableCharsetEncoder.java index bc658096a..9ee40ad15 100644 --- a/base/util/src/netscape/security/util/PrintableCharsetEncoder.java +++ b/base/util/src/netscape/security/util/PrintableCharsetEncoder.java @@ -27,7 +27,7 @@ import java.nio.charset.CodingErrorAction; /** * Converts characters in ASN.1 PrintableString character set to PrintableString * bytes. - * + * * @author Lily Hsiao * @author Slava Galperin */ diff --git a/base/util/src/netscape/security/util/PubKeyPrettyPrint.java b/base/util/src/netscape/security/util/PubKeyPrettyPrint.java index 46c007cd9..88fcdddb5 100644 --- a/base/util/src/netscape/security/util/PubKeyPrettyPrint.java +++ b/base/util/src/netscape/security/util/PubKeyPrettyPrint.java @@ -27,7 +27,7 @@ import netscape.security.x509.X509Key; /** * This class will display the certificate content in predefined * format. - * + * * @author Jack Pan-Chen * @author Andrew Wnuk * @version $Revision$, $Date$ @@ -58,7 +58,7 @@ public class PubKeyPrettyPrint { /** * This method return string representation of the certificate * in predefined format using specified client local. I18N Support. - * + * * @param clientLocale Locale to be used for localization * @return string representation of the certificate */ diff --git a/base/util/src/netscape/security/util/UniversalCharsetDecoder.java b/base/util/src/netscape/security/util/UniversalCharsetDecoder.java index a41c5ad50..cb23ec7e2 100644 --- a/base/util/src/netscape/security/util/UniversalCharsetDecoder.java +++ b/base/util/src/netscape/security/util/UniversalCharsetDecoder.java @@ -27,7 +27,7 @@ import java.nio.charset.CodingErrorAction; /** * Converts bytes in ASN.1 UniversalString character set to UniversalString * characters. - * + * * @author Lily Hsiao * @author Slava Galperin */ diff --git a/base/util/src/netscape/security/util/UniversalCharsetEncoder.java b/base/util/src/netscape/security/util/UniversalCharsetEncoder.java index cd2a51296..bb9ad4fcc 100644 --- a/base/util/src/netscape/security/util/UniversalCharsetEncoder.java +++ b/base/util/src/netscape/security/util/UniversalCharsetEncoder.java @@ -26,7 +26,7 @@ import java.nio.charset.CoderResult; /** * Converts characters in ASN.1 UniversalString character set to UniversalString * bytes. - * + * * @author Lily Hsiao * @author Slava Galperin */ diff --git a/base/util/src/netscape/security/x509/ACertAttrSet.java b/base/util/src/netscape/security/x509/ACertAttrSet.java index 8a757d7f5..437af2317 100755 --- a/base/util/src/netscape/security/x509/ACertAttrSet.java +++ b/base/util/src/netscape/security/x509/ACertAttrSet.java @@ -28,7 +28,7 @@ import netscape.security.util.DerValue; /** * A plain certattr set used by pkcs10 to parse an unknown attribute. - * + * * @author Lily Hsiao */ public class ACertAttrSet implements CertAttrSet { @@ -45,7 +45,7 @@ public class ACertAttrSet implements CertAttrSet { /** * Returns a short string describing this certificate attribute. - * + * * @return value of this certificate attribute in * printable form. */ @@ -56,9 +56,9 @@ public class ACertAttrSet implements CertAttrSet { /** * Encodes the attribute to the output stream in a format * that can be parsed by the decode method. - * + * * @param out the OutputStream to encode the attribute to. - * + * * @exception CertificateException on encoding or validity errors. * @exception IOException on other errors. */ @@ -69,9 +69,9 @@ public class ACertAttrSet implements CertAttrSet { /** * Decodes the attribute in the input stream. - * + * * @param in the InputStream to read the encoded attribute from. - * + * * @exception CertificateException on decoding or validity errors. * @exception IOException on other errors. */ @@ -82,10 +82,10 @@ public class ACertAttrSet implements CertAttrSet { /** * Sets an attribute value within this CertAttrSet. - * + * * @param name the name of the attribute (e.g. "x509.info.key") * @param obj the attribute object. - * + * * @exception CertificateException on attribute handling errors. * @exception IOException on other errors. */ @@ -96,9 +96,9 @@ public class ACertAttrSet implements CertAttrSet { /** * Gets an attribute value for this CertAttrSet. - * + * * @param name the name of the attribute to return. - * + * * @exception CertificateException on attribute handling errors. * @exception IOException on other errors. */ @@ -109,9 +109,9 @@ public class ACertAttrSet implements CertAttrSet { /** * Deletes an attribute value from this CertAttrSet. - * + * * @param name the name of the attribute to delete. - * + * * @exception CertificateException on attribute handling errors. * @exception IOException on other errors. */ @@ -123,7 +123,7 @@ public class ACertAttrSet implements CertAttrSet { /** * Returns an enumeration of the names of the attributes existing within * this attribute. - * + * * @return an enumeration of the attribute names. */ public Enumeration getAttributeNames() { @@ -132,7 +132,7 @@ public class ACertAttrSet implements CertAttrSet { /** * Returns the name (identifier) of this CertAttrSet. - * + * * @return the name of this CertAttrSet. */ public String getName() { diff --git a/base/util/src/netscape/security/x509/AVA.java b/base/util/src/netscape/security/x509/AVA.java index ad94c2c61..fc6601223 100644 --- a/base/util/src/netscape/security/x509/AVA.java +++ b/base/util/src/netscape/security/x509/AVA.java @@ -37,17 +37,17 @@ import netscape.security.util.ObjectIdentifier; * some attribute ID, has some particular value. Values are as a rule ASN.1 * printable strings. A conventional set of type IDs is recognized when * parsing (and generating) RFC 1779 syntax strings. - * + * *

* AVAs are components of X.500 relative names. Think of them as being individual fields of a database record. The * attribute ID is how you identify the field, and the value is part of a particular record. - * + * * @see X500Name * @see RDN * @see LdapDNStrConverter - * + * * @version 1.14 - * + * * @author David Brownell * @author Amit Kapoor * @author Hemma Prafullchandra @@ -61,7 +61,7 @@ public final class AVA implements DerEncoder { /** * Constructs an AVA from a Ldap DN string with one AVA component * using the global default LdapDNStrConverter. - * + * * @see LdapDNStrConverter * @param avaString a Ldap DN string with one AVA component. */ @@ -87,7 +87,7 @@ public final class AVA implements DerEncoder { /** * Constructs an AVA from a Ldap DN string containing one AVA * component using the specified LdapDNStrConverter. - * + * * @see LdapDNStrConverter * @param avaString a Ldap DN string containing one AVA. * @param ldapDNStrConverter a LdapDNStrConverter @@ -102,7 +102,7 @@ public final class AVA implements DerEncoder { /** * Constructs an AVA from an OID and DerValue. - * + * * @param type an ObjectIdentifier * @param val a DerValue */ @@ -119,11 +119,11 @@ public final class AVA implements DerEncoder { * Parses an RFC 1779 style AVA string: CN=fee fie foe fum * or perhaps with quotes. Not all defined AVA tags are supported; * of current note are X.400 related ones (PRMD, ADMD, etc). - * + * * This terminates at unescaped AVA separators ("+") or RDN * separators (",", ";"), or DN terminators (">"), and removes * cosmetic whitespace at the end of values. - * + * * @see LdapDNStrConverter * @param in the input stream. */ @@ -149,7 +149,7 @@ public final class AVA implements DerEncoder { /** * Constructs an AVA from a Der Input Stream. - * + * * @param in the Der Input Stream. */ public AVA(DerInputStream in) throws IOException { @@ -181,7 +181,7 @@ public final class AVA implements DerEncoder { /** * Returns true if another AVA has the same OID and DerValue. - * + * * @param other the other AVA. * @return ture iff other AVA has same oid and value. */ @@ -192,7 +192,7 @@ public final class AVA implements DerEncoder { /** * Compares the AVA with an Object, returns true if the object is * an AVA and has the same OID and value. - * + * * @param other the other object. * @return true iff other object is an AVA and has same oid and value. */ @@ -206,7 +206,7 @@ public final class AVA implements DerEncoder { /** * Encodes the AVA to a Der output stream. * AVAs are encoded as a SEQUENCE of two elements. - * + * * @param out The Der output stream. */ public void encode(DerOutputStream out) throws IOException { @@ -216,10 +216,10 @@ public final class AVA implements DerEncoder { /** * DER encode this object onto an output stream. * Implements the DerEncoder interface. - * + * * @param out * the output stream on which to write the DER encoding. - * + * * @exception IOException on encoding error. */ public void derEncode(OutputStream out) throws IOException { @@ -235,7 +235,7 @@ public final class AVA implements DerEncoder { /** * Returns a Ldap DN string with one AVA component using * the global default LdapDNStrConverter. - * + * * @return a Ldap DN string * @exception IOException if an error occurs during conversion. * @see LdapDNStrConverter @@ -249,7 +249,7 @@ public final class AVA implements DerEncoder { /** * Returns a Ldap DN string with one AVA component using the specified * LdapDNStrConverter. - * + * * @return a Ldap DN string * @param ldapDNStrConverter a Ldap DN String Converter * @exception IOException if an error occurs during the conversion. @@ -263,14 +263,14 @@ public final class AVA implements DerEncoder { /** * Returns a Ldap DN string with the AVA component using the global * default LdapDNStrConverter, or null if an error occurs in conversion. - * + * * @return a Ldap DN string containing the AVA, or null if an * error occurs in the conversion. */ public String toString() { String s; try { - // NOTE that a LdapDNString is returned here to match the + // NOTE that a LdapDNString is returned here to match the // original source from sun. Could also return the raw value // (before Ldap escaping) here. s = toLdapDNString(); @@ -282,7 +282,7 @@ public final class AVA implements DerEncoder { /** * Returns the OID in the AVA. - * + * * @return the ObjectIdentifier in this AVA. */ public ObjectIdentifier getOid() { @@ -291,7 +291,7 @@ public final class AVA implements DerEncoder { /** * Returns the value in this AVA as a DerValue - * + * * @return attribute value in this AVA. */ public DerValue getValue() { diff --git a/base/util/src/netscape/security/x509/AVAValueConverter.java b/base/util/src/netscape/security/x509/AVAValueConverter.java index cd3ce7616..50ccd4d8a 100644 --- a/base/util/src/netscape/security/x509/AVAValueConverter.java +++ b/base/util/src/netscape/security/x509/AVAValueConverter.java @@ -26,23 +26,23 @@ import netscape.security.util.DerValue; * DER encoded ASN.1 value and vice versa. * The converters are associated with attribute types, such as * directory string, ia5string, etc. - * + * *

* For example, to convert a string, such as an organization name for the "O" attribute to a DerValue, the "O" attribute * is mapped to the DirStrConverter which is used to convert the organization name to a DER encoded Directory String * which is a DerValue of a ASN.1 PrintableString, T.61String or UniversalString for the organization name. - * + * * @author Lily Hsiao, Slava Galperin at Netscape Communications, Inc. */ public interface AVAValueConverter { /** * Converts a string to a DER encoded attribute value. - * + * * @param valueString An AVA value string not encoded in any form. - * + * * @return A DerValue object. - * + * * @exception IOException if an error occurs during the conversion. */ public DerValue getValue(String valueString) @@ -53,11 +53,11 @@ public interface AVAValueConverter { * Specify the order of DER tags to use if more than one encoding is * possible. Currently Directory Strings can have different order * for backwards compatibility. By 2003 all should be UTF8String. - * + * * @param valueString An AVA value string not encoded in any form. - * + * * @return A DerValue object. - * + * * @exception IOException if an error occurs during the conversion. */ public DerValue getValue(String valueString, byte[] tags) @@ -65,7 +65,7 @@ public interface AVAValueConverter { /** * Converts a BER encoded value to a DER encoded attribute value. - * + * * @param berStream A byte array of the BER encoded AVA value. * @return A DerValue object. */ @@ -74,11 +74,11 @@ public interface AVAValueConverter { /** * Converts a DER encoded value to a string, not encoded in any form. - * + * * @param avaValue A DerValue object. - * + * * @return A string for the value or null if it can't be converted. - * + * * @exception IOException if an error occurs during the conversion. */ public String getAsString(DerValue avaValue) diff --git a/base/util/src/netscape/security/x509/Attribute.java b/base/util/src/netscape/security/x509/Attribute.java index 11e22db10..6cc1bfa03 100644 --- a/base/util/src/netscape/security/x509/Attribute.java +++ b/base/util/src/netscape/security/x509/Attribute.java @@ -32,27 +32,27 @@ import netscape.security.util.ObjectIdentifier; * An attribute, as identified by some attribute ID, has some particular values. * Values are as a rule ASN.1 printable strings. A conventional set of type IDs * is recognized when parsing. The following shows the syntax: - * + * * 

- * 
+ *
  *    Attribute	::= SEQUENCE {
  * type		AttributeType,
  * 	value		SET OF AttributeValue
  *              	-- at least one value is required --}
- * 
+ *
  *    AttributeType	::= OBJECT IDENTIFIER
- * 
+ *
  *    AttributeValue	::= ANY
- * 
+ *
  *
- * + * * Refer to draft-ietf-pkix-ipki-part1-11 for the support attributes listed on * page 96 of the internet draft. The are listed here for easy reference: name, * common name, surname, given name, initials, generation qualifier, dn qualifier, * country name, locality name, state or province name, organization name, organization * unit name, title, pkcs9 email. Not all the attributes are supported. Please check * the X500NameAttrMap for defined attributes. - * + * * @author Christine Ho */ @@ -71,7 +71,7 @@ public final class Attribute implements Serializable, DerEncoder { /** * Construct an attribute from attribute type and attribute value - * + * * @param oid the object identifier of the attribute type * @param value the value string */ @@ -89,7 +89,7 @@ public final class Attribute implements Serializable, DerEncoder { /** * Construct an attribute from attribute type and attribute values - * + * * @param oid the object identifier of the attribute type * @param values String value vector */ @@ -112,7 +112,7 @@ public final class Attribute implements Serializable, DerEncoder { /** * Construct an attribute from attribute type and attribute values - * + * * @param oid attribute type string CN,OU,O,C,L,TITLE,ST,STREET,UID,MAIL,E,DC * @param values String value vector */ @@ -148,7 +148,7 @@ public final class Attribute implements Serializable, DerEncoder { /** * Construct an attribute from a der encoded object. This der * der encoded value should represent the attribute object. - * + * * @param value the attribute object in der encode form. */ public Attribute(DerValue val) @@ -168,7 +168,7 @@ public final class Attribute implements Serializable, DerEncoder { /** * Returns the OID in the Attribute. - * + * * @return the ObjectIdentifier in this Attribute. */ public ObjectIdentifier getOid() { @@ -177,7 +177,7 @@ public final class Attribute implements Serializable, DerEncoder { /** * Returns enumeration of values in this attribute. - * + * * @return Enumeration of values of this Attribute. */ public Enumeration getValues() { @@ -189,7 +189,7 @@ public final class Attribute implements Serializable, DerEncoder { /** * Encodes the Attribute to a Der output stream. * Attribute are encoded as a SEQUENCE of two elements. - * + * * @param out The Der output stream. */ public void encode(DerOutputStream out) throws IOException { @@ -199,10 +199,10 @@ public final class Attribute implements Serializable, DerEncoder { /** * DER encode this object onto an output stream. * Implements the DerEncoder interface. - * + * * @param out * the output stream on which to write the DER encoding. - * + * * @exception IOException on encoding error. */ public void derEncode(OutputStream out) throws IOException { diff --git a/base/util/src/netscape/security/x509/AuthorityKeyIdentifierExtension.java b/base/util/src/netscape/security/x509/AuthorityKeyIdentifierExtension.java index 91b6c2598..a8df9d132 100644 --- a/base/util/src/netscape/security/x509/AuthorityKeyIdentifierExtension.java +++ b/base/util/src/netscape/security/x509/AuthorityKeyIdentifierExtension.java @@ -29,14 +29,14 @@ import netscape.security.util.DerValue; /** * This class represents the Authority Key Identifier Extension. - * + * *

* The authority key identifier extension provides a means of identifying the particular public key used to sign a * certificate. This extension would be used where an issuer has multiple signing keys (either due to multiple * concurrent key pairs or due to changeover). *

* The ASN.1 syntax for this is: - * + * * 

  * AuthorityKeyIdentifier ::= SEQUENCE {
  *    keyIdentifier             [0] KeyIdentifier           OPTIONAL,
@@ -45,7 +45,7 @@ import netscape.security.util.DerValue;
  * }
  * KeyIdentifier ::= OCTET STRING
  *
- * + * * @author Amit Kapoor * @author Hemma Prafullchandra * @version 1.9 @@ -130,7 +130,7 @@ public class AuthorityKeyIdentifierExtension extends Extension /** * The default constructor for this extension. Null parameters make * the element optional (not present). - * + * * @param id the KeyIdentifier associated with this extension. * @param names the GeneralNames associated with this extension * @param serialNum the CertificateSerialNumber associated with @@ -151,7 +151,7 @@ public class AuthorityKeyIdentifierExtension extends Extension /** * Create the extension from the passed DER encoded value of the same. - * + * * @param critical true if the extension is to be treated as critical. * @param value Array of DER encoded bytes of the actual value. * @exception IOException on error. @@ -176,8 +176,8 @@ public class AuthorityKeyIdentifierExtension extends Extension } // NB. this is always encoded with the IMPLICIT tag - // The checks only make sense if we assume implicit tagging, - // with explicit tagging the form is always constructed. + // The checks only make sense if we assume implicit tagging, + // with explicit tagging the form is always constructed. while (val.data.available() != 0) { DerValue opt = val.data.getDerValue(); @@ -232,7 +232,7 @@ public class AuthorityKeyIdentifierExtension extends Extension /** * Decode the extension from the InputStream. - * + * * @param in the InputStream to unmarshal the contents from. * @exception IOException on decoding or validity errors. */ @@ -242,7 +242,7 @@ public class AuthorityKeyIdentifierExtension extends Extension /** * Write the extension to the OutputStream. - * + * * @param out the OutputStream to write the extension to. * @exception IOException on error. */ diff --git a/base/util/src/netscape/security/x509/BasicConstraintsExtension.java b/base/util/src/netscape/security/x509/BasicConstraintsExtension.java index 2688e961d..ed619cb1b 100644 --- a/base/util/src/netscape/security/x509/BasicConstraintsExtension.java +++ b/base/util/src/netscape/security/x509/BasicConstraintsExtension.java @@ -30,11 +30,11 @@ import netscape.security.util.DerValue; /** * This class represents the Basic Constraints Extension. - * + * *

* The basic constraints extension identifies whether the subject of the certificate is a CA and how deep a * certification path may exist through that CA. - * + * * 

  * The ASN.1 syntax for this extension is:
  * BasicConstraints ::= SEQUENCE {
@@ -42,7 +42,7 @@ import netscape.security.util.DerValue;
  *     pathLenConstraint INTEGER (0..MAX) OPTIONAL
  * }
  *
- * + * * @author Amit Kapoor * @author Hemma Prafullchandra * @version 1.7 @@ -88,7 +88,7 @@ public class BasicConstraintsExtension extends Extension /** * Default constructor for this object. - * + * * @param ca true, if the subject of the Certificate is a CA. * @param len specifies the depth of the certification path. */ @@ -106,7 +106,7 @@ public class BasicConstraintsExtension extends Extension /** * Default constructor for this object. - * + * * @param ca true, if the subject of the Certificate is a CA. * @param len specifies the depth of the certification path. */ @@ -120,7 +120,7 @@ public class BasicConstraintsExtension extends Extension /** * Create the extension from the passed DER encoded value of the same. - * + * * @param extension the DER encoded value of the extension. * @exception IOException on error. */ @@ -193,7 +193,7 @@ public class BasicConstraintsExtension extends Extension /** * Decode the extension from the InputStream. - * + * * @param in the InputStream to unmarshal the contents from. * @exception IOException on decoding or validity errors. */ @@ -203,7 +203,7 @@ public class BasicConstraintsExtension extends Extension /** * Encode this extension value to the output stream. - * + * * @param out the DerOutputStream to encode the extension to. */ public void encode(OutputStream out) throws IOException { diff --git a/base/util/src/netscape/security/x509/CPSuri.java b/base/util/src/netscape/security/x509/CPSuri.java index d0a2e0762..b39f04895 100644 --- a/base/util/src/netscape/security/x509/CPSuri.java +++ b/base/util/src/netscape/security/x509/CPSuri.java @@ -24,9 +24,9 @@ import netscape.security.util.DerValue; /** * Represent the CPSuri Qualifier. - * + * * CPSuri ::= IA5String; - * + * * @author Thomas Kwan */ public class CPSuri extends Qualifier { @@ -39,7 +39,7 @@ public class CPSuri extends Qualifier { /** * Create a PolicyQualifierInfo - * + * * @param id the ObjectIdentifier for the policy id. */ public CPSuri(String uri) { @@ -52,7 +52,7 @@ public class CPSuri extends Qualifier { /** * Write the PolicyQualifier to the DerOutputStream. - * + * * @param out the DerOutputStream to write the object to. * @exception IOException on errors. */ diff --git a/base/util/src/netscape/security/x509/CRLDistributionPoint.java b/base/util/src/netscape/security/x509/CRLDistributionPoint.java index c7ad84389..442957449 100644 --- a/base/util/src/netscape/security/x509/CRLDistributionPoint.java +++ b/base/util/src/netscape/security/x509/CRLDistributionPoint.java @@ -43,11 +43,11 @@ import org.mozilla.jss.asn1.Tag; * distributionPoint [0] DistributionPointName OPTIONAL, * reasons [1] ReasonFlags OPTIONAL, * cRLIssuer [2] GeneralNames OPTIONAL } - * + * * DistributionPointName ::= CHOICE { * fullName [0] GeneralNames, * nameRelativeToCRLIssuer [1] RelativeDistinguishedName } - * + * * ReasonFlags ::= BIT STRING { * unused (0), * keyCompromise (1), @@ -92,7 +92,7 @@ public class CRLDistributionPoint implements ASN1Value { * If it is set to a non-null value, relativeName will be * set to null, because at most one of these two attributes * can be specified at a time. - * + * * @exception GeneralNamesException If an error occurs encoding the * name. */ @@ -156,7 +156,7 @@ public class CRLDistributionPoint implements ASN1Value { /** * Sets the CRLIssuer for the CRL at this distribution point. * May be set to null. - * + * * @exception GeneralNamesException If an error occurs encoding the name. */ public void setCRLIssuer(GeneralNames CRLIssuer) @@ -235,7 +235,7 @@ public class CRLDistributionPoint implements ASN1Value { seq.encode(implicitTag, ostream); } catch (InvalidBERException e) { - // this shouldn't happen unless there is a bug in one of + // this shouldn't happen unless there is a bug in one of // the Sun encoding classes throw new IOException(e.toString()); } diff --git a/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java b/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java index c939a7431..6ab962fae 100644 --- a/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java +++ b/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java @@ -37,19 +37,19 @@ import org.mozilla.jss.asn1.SEQUENCE; /** * An extension that tells applications where to find the CRL for * this certificate. - * + * * 
  * cRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- * 
+ *
  * DistributionPoint ::= SEQUENCE {
  *      distributionPoint       [0]     DistributionPointName OPTIONAL,
  *      reasons                 [1]     ReasonFlags OPTIONAL,
  *      cRLIssuer               [2]     GeneralNames OPTIONAL }
- * 
+ *
  * DistributionPointName ::= CHOICE {
  *      fullName                [0]     GeneralNames,
  *      nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
- * 
+ *
  * ReasonFlags ::= BIT STRING {
  *      unused                  (0),
  *      keyCompromise           (1),
@@ -334,7 +334,7 @@ public class CRLDistributionPointsExtension extends Extension
         /**
          * Given a bit array representing reason flags, extracts the reasons
          * and returns them as an array.
-         * 
+         *
          * @param bitFlags A bit vector containing reason flags.
          * @return An array of reasons contained in the bit vector.
          *         May be zero-length but will not be null.
@@ -347,7 +347,7 @@ public class CRLDistributionPointsExtension extends Extension
          * Given a bit array representing reason flags, extracts the reasons
          * and returns them as an array. Currently, only the first byte
          * of the bitflags are examined.
-         * 
+         *
          * @param bitFlags A bit vector containing reason flags. The format
          *            is big-endian (MSB first). Only the first byte is examined.
          * @return An array of reasons contained in the bit vector.
diff --git a/base/util/src/netscape/security/x509/CRLExtensions.java b/base/util/src/netscape/security/x509/CRLExtensions.java
index bdadcc12e..4a567e173 100755
--- a/base/util/src/netscape/security/x509/CRLExtensions.java
+++ b/base/util/src/netscape/security/x509/CRLExtensions.java
@@ -35,7 +35,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the CRL Extensions.
- * 
+ *
  * @author Hemma Prafullchandra
  * @version 1.4
  */
@@ -94,7 +94,7 @@ public class CRLExtensions extends Vector {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the Extension from.
      * @exception CRLException on decoding errors.
      * @exception X509ExtensionException on extension handling errors.
@@ -117,7 +117,7 @@ public class CRLExtensions extends Vector {
 
     /**
      * Decode the extensions from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception CRLException on decoding or validity errors.
      * @exception X509ExtensionException on extension handling errors.
@@ -142,7 +142,7 @@ public class CRLExtensions extends Vector {
 
     /**
      * Encode the extensions in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @param isExplicit the tag indicating whether this is an entry
      *            extension or a CRL extension.
@@ -185,7 +185,7 @@ public class CRLExtensions extends Vector {
 
     /**
      * Get the extension with this alias.
-     * 
+     *
      * @param alias the identifier string for the extension to retrieve.
      * @exception X509ExtensionException on extension handling errors.
      */
@@ -207,7 +207,7 @@ public class CRLExtensions extends Vector {
 
     /**
      * Set the extension value with this alias.
-     * 
+     *
      * @param alias the identifier string for the extension to set.
      * @param obj the Object to set the extension identified by the
      *            alias.
@@ -220,7 +220,7 @@ public class CRLExtensions extends Vector {
 
     /**
      * Return an enumeration of names of the extensions.
-     * 
+     *
      * @return an enumeration of the names of the extensions in this CRL.
      */
     public Enumeration getElements() {
diff --git a/base/util/src/netscape/security/x509/CRLNumberExtension.java b/base/util/src/netscape/security/x509/CRLNumberExtension.java
index 7c89b179f..4cacde942 100755
--- a/base/util/src/netscape/security/x509/CRLNumberExtension.java
+++ b/base/util/src/netscape/security/x509/CRLNumberExtension.java
@@ -31,12 +31,12 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the CRL Number Extension.
- * 
+ *
  * 

  * This extension, if present, conveys a monotonically increasing sequence number for each CRL issued by a given CA
  * through a specific CA X.500 Directory entry or CRL distribution point. This extension allows users to easily
  * determine when a particular CRL supersedes another CRL.
- * 
+ *
  * @author Hemma Prafullchandra
  * @version 1.2
  * @see Extension
@@ -69,7 +69,7 @@ public class CRLNumberExtension extends Extension
     /**
      * Create a CRLNumberExtension with the integer value .
      * The criticality is set to false.
-     * 
+     *
      * @param crlNum the value to be set for the extension.
      */
     public CRLNumberExtension(int crlNum) throws IOException {
@@ -82,7 +82,7 @@ public class CRLNumberExtension extends Extension
     /**
      * Create a CRLNumberExtension with the BigInteger value .
      * The criticality is set to false.
-     * 
+     *
      * @param crlNum the value to be set for the extension.
      */
     public CRLNumberExtension(BigInteger crlNum) throws IOException {
@@ -94,7 +94,7 @@ public class CRLNumberExtension extends Extension
 
     /**
      * Create a CRLNumberExtension with the BigInteger value .
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param crlNum the value to be set for the extension.
      */
@@ -107,7 +107,7 @@ public class CRLNumberExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value of the same.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -181,7 +181,7 @@ public class CRLNumberExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -191,7 +191,7 @@ public class CRLNumberExtension extends Extension
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/CRLReasonExtension.java b/base/util/src/netscape/security/x509/CRLReasonExtension.java
index 3c11fc70b..bd82ff2fc 100644
--- a/base/util/src/netscape/security/x509/CRLReasonExtension.java
+++ b/base/util/src/netscape/security/x509/CRLReasonExtension.java
@@ -28,10 +28,10 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the CRLReason Extension of CRL entry.
- * 
+ *
  * 

  * This extension, if present, defines the identifies the reason for the certificate revocation.
- * 
+ *
  * @author galperin
  * @version $Revision$, $Date$
  * @see Extension
@@ -75,7 +75,7 @@ public final class CRLReasonExtension extends Extension implements CertAttrSet {
 
     /**
      * Default constructor
-     * 
+     *
      */
 
     public CRLReasonExtension() {
@@ -86,7 +86,7 @@ public final class CRLReasonExtension extends Extension implements CertAttrSet {
 
     /**
      * Create extension value for specific revocation reason
-     * 
+     *
      */
 
     public CRLReasonExtension(RevocationReason reason) {
@@ -104,7 +104,7 @@ public final class CRLReasonExtension extends Extension implements CertAttrSet {
 
     /**
      * Create the object from the passed DER encoded value.
-     * 
+     *
      * @param derVal the DerValue decoded from the stream.
      * @exception IOException on decoding errors.
      */
@@ -169,7 +169,7 @@ public final class CRLReasonExtension extends Extension implements CertAttrSet {
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -188,7 +188,7 @@ public final class CRLReasonExtension extends Extension implements CertAttrSet {
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertAndKeyGen.java b/base/util/src/netscape/security/x509/CertAndKeyGen.java
index 1579d46bf..703585f36 100644
--- a/base/util/src/netscape/security/x509/CertAndKeyGen.java
+++ b/base/util/src/netscape/security/x509/CertAndKeyGen.java
@@ -38,22 +38,22 @@ import netscape.security.pkcs.PKCS10;
 /**
  * Generate a pair of keys, and provide access to them. This class is
  * provided primarily for ease of use.
- * 
+ *
  * 

  * This provides some simple certificate management functionality. Specifically, it allows you to create self-signed
  * X.509 certificates as well as PKCS 10 based certificate signing requests.
- * 
+ *
  * 

  * Keys for some public key signature algorithms have algorithm parameters, such as DSS/DSA. Some sites' Certificate
  * Authorities adopt fixed algorithm parameters, which speeds up some operations including key generation and signing.
  * At this time, this interface
  * does not provide a way to provide such algorithm parameters, e.g.
  * by providing the CA certificate which includes those parameters.
- * 
+ *
  * 

  * Also, note that at this time only signature-capable keys may be acquired through this interface. Diffie-Hellman keys,
  * used for secure key exchange, may be supported later.
- * 
+ *
  * @author David Brownell
  * @author Hemma Prafullchandra
  * @version 1.44
@@ -64,7 +64,7 @@ public final class CertAndKeyGen {
     /**
      * Creates a CertAndKeyGen object for a particular key type
      * and signature algorithm.
-     * 
+     *
      * @param keyType type of key, e.g. "RSA", "DSA"
      * @param sigAlg name of the signature algorithm, e.g. "MD5WithRSA",
      *            "MD2WithRSA", "SHAwithDSA".
@@ -83,7 +83,7 @@ public final class CertAndKeyGen {
      * to get a reproducible sequence of keys and signatures, or
      * because you may be able to take advantage of strong sources
      * of randomness/entropy in your environment.
-     * 
+     *
      * @deprecated All random numbers come from PKCS #11 now.
      */
     public void setRandom(SecureRandom generator) {
@@ -97,12 +97,12 @@ public final class CertAndKeyGen {
      * for the same key size, because of the "work factor" involved in
      * brute force attacks. As computers become faster, it becomes
      * easier to perform such attacks. Small keys are to be avoided.
-     * 
+     *
      * 

      * Note that not all values of "keyBits" are valid for all algorithms, and not all public key algorithms are
      * currently supported for use in X.509 certificates. If the algorithm you specified does not produce X.509
      * compatible keys, an invalid key exception is thrown.
-     * 
+     *
      * @param keyBits the number of bits in the keys.
      * @exception InvalidKeyException if the environment does not
      *                provide X.509 public keys for this signature algorithm.
@@ -140,7 +140,7 @@ public final class CertAndKeyGen {
 
     /**
      * Returns the private key of the generated key pair.
-     * 
+     *
      * 

      * Be extremely careful when handling private keys.
      * When private keys are not kept secret, they lose their ability
@@ -154,15 +154,15 @@ public final class CertAndKeyGen {
     /**
      * Returns a self-signed X.509v1 certificate for the public key.
      * The certificate is immediately valid.
-     * 
+     *
      * 

      * Such certificates normally are used to identify a "Certificate Authority" (CA). Accordingly, they will not always
      * be accepted by other parties. However, such certificates are also useful when you are bootstrapping your security
      * infrastructure, or deploying system prototypes.
-     * 
+     *
      * @deprecated Use the new 
-     * 
+     *
      * @param myname X.500 name of the subject (who is also the issuer)
      * @param validity how long the certificate should be valid, in seconds
      */
@@ -185,12 +185,12 @@ public final class CertAndKeyGen {
     /**
      * Returns a self-signed X.509v3 certificate for the public key.
      * The certificate is immediately valid. No extensions.
-     * 
+     *
      * 

      * Such certificates normally are used to identify a "Certificate Authority" (CA). Accordingly, they will not always
      * be accepted by other parties. However, such certificates are also useful when you are bootstrapping your security
      * infrastructure, or deploying system prototypes.
-     * 
+     *
      * @param myname X.500 name of the subject (who is also the issuer)
      * @param validity how long the certificate should be valid, in seconds
      * @exception CertificateException on certificate handling errors.
@@ -246,11 +246,11 @@ public final class CertAndKeyGen {
      * Returns a PKCS #10 certificate request. The caller uses either PKCS10.print or
      * PKCS10.toByteArray operations on the result, to get the request in an appropriate
      * transmission format.
-     * 
+     *
      * 

      * PKCS #10 certificate requests are sent, along with some proof of identity, to Certificate Authorities (CAs) which
      * then issue X.509 public key certificates.
-     * 
+     *
      * @param myname X.500 name of the subject
      * @exception InvalidKeyException on key handling errors.
      * @exception SignatureException on signature handling errors.
diff --git a/base/util/src/netscape/security/x509/CertAttrSet.java b/base/util/src/netscape/security/x509/CertAttrSet.java
index 7e8d6db82..2dde4430e 100755
--- a/base/util/src/netscape/security/x509/CertAttrSet.java
+++ b/base/util/src/netscape/security/x509/CertAttrSet.java
@@ -31,7 +31,7 @@ import java.util.Enumeration;
  * 

  * A CertAttrSet itself can also be comprised of other sub-sets. In the case of X.509 V3 certificates, for example, the
  * "extensions" attribute has subattributes, such as those for KeyUsage and AuthorityKeyIdentifier.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.9
@@ -40,7 +40,7 @@ import java.util.Enumeration;
 public interface CertAttrSet {
     /**
      * Returns a short string describing this certificate attribute.
-     * 
+     *
      * @return value of this certificate attribute in
      *         printable form.
      */
@@ -49,9 +49,9 @@ public interface CertAttrSet {
     /**
      * Encodes the attribute to the output stream in a format
      * that can be parsed by the decode method.
-     * 
+     *
      * @param out the OutputStream to encode the attribute to.
-     * 
+     *
      * @exception CertificateException on encoding or validity errors.
      * @exception IOException on other errors.
      */
@@ -60,9 +60,9 @@ public interface CertAttrSet {
 
     /**
      * Decodes the attribute in the input stream.
-     * 
+     *
      * @param in the InputStream to read the encoded attribute from.
-     * 
+     *
      * @exception CertificateException on decoding or validity errors.
      * @exception IOException on other errors.
      */
@@ -71,10 +71,10 @@ public interface CertAttrSet {
 
     /**
      * Sets an attribute value within this CertAttrSet.
-     * 
+     *
      * @param name the name of the attribute (e.g. "x509.info.key")
      * @param obj the attribute object.
-     * 
+     *
      * @exception CertificateException on attribute handling errors.
      * @exception IOException on other errors.
      */
@@ -83,9 +83,9 @@ public interface CertAttrSet {
 
     /**
      * Gets an attribute value for this CertAttrSet.
-     * 
+     *
      * @param name the name of the attribute to return.
-     * 
+     *
      * @exception CertificateException on attribute handling errors.
      * @exception IOException on other errors.
      */
@@ -94,9 +94,9 @@ public interface CertAttrSet {
 
     /**
      * Deletes an attribute value from this CertAttrSet.
-     * 
+     *
      * @param name the name of the attribute to delete.
-     * 
+     *
      * @exception CertificateException on attribute handling errors.
      * @exception IOException on other errors.
      */
@@ -106,14 +106,14 @@ public interface CertAttrSet {
     /**
      * Returns an enumeration of the names of the attributes existing within
      * this attribute.
-     * 
+     *
      * @return an enumeration of the attribute names.
      */
     Enumeration getAttributeNames();
 
     /**
      * Returns the name (identifier) of this CertAttrSet.
-     * 
+     *
      * @return the name of this CertAttrSet.
      */
     String getName();
diff --git a/base/util/src/netscape/security/x509/CertException.java b/base/util/src/netscape/security/x509/CertException.java
index 31d9e686e..d9a618925 100644
--- a/base/util/src/netscape/security/x509/CertException.java
+++ b/base/util/src/netscape/security/x509/CertException.java
@@ -19,9 +19,9 @@ package netscape.security.x509;
 
 /**
  * CertException indicates one of a variety of certificate problems.
- * 
+ *
  * @version 1.18
- * 
+ *
  * @author David Brownell
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
diff --git a/base/util/src/netscape/security/x509/CertParseError.java b/base/util/src/netscape/security/x509/CertParseError.java
index 7328c7207..dc4aa7b8f 100644
--- a/base/util/src/netscape/security/x509/CertParseError.java
+++ b/base/util/src/netscape/security/x509/CertParseError.java
@@ -23,7 +23,7 @@ package netscape.security.x509;
 
 /**
  * CertException indicates one of a variety of certificate problems.
- * 
+ *
  * @version 1.7
  * @author David Brownell
  */
diff --git a/base/util/src/netscape/security/x509/CertificateAlgorithmId.java b/base/util/src/netscape/security/x509/CertificateAlgorithmId.java
index 41610844e..b1b14f42b 100644
--- a/base/util/src/netscape/security/x509/CertificateAlgorithmId.java
+++ b/base/util/src/netscape/security/x509/CertificateAlgorithmId.java
@@ -32,7 +32,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the AlgorithmId for the Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.7
@@ -58,7 +58,7 @@ public class CertificateAlgorithmId implements CertAttrSet, Serializable {
 
     /**
      * Default constructor for the certificate attribute.
-     * 
+     *
      * @param algId the Algorithm identifier
      */
     public CertificateAlgorithmId(AlgorithmId algId) {
@@ -67,7 +67,7 @@ public class CertificateAlgorithmId implements CertAttrSet, Serializable {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the serial number from.
      * @exception IOException on decoding errors.
      */
@@ -78,7 +78,7 @@ public class CertificateAlgorithmId implements CertAttrSet, Serializable {
 
     /**
      * Create the object, decoding the values from the passed stream.
-     * 
+     *
      * @param in the InputStream to read the serial number from.
      * @exception IOException on decoding errors.
      */
@@ -109,7 +109,7 @@ public class CertificateAlgorithmId implements CertAttrSet, Serializable {
 
     /**
      * Encode the algorithm identifier in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
@@ -122,7 +122,7 @@ public class CertificateAlgorithmId implements CertAttrSet, Serializable {
 
     /**
      * Decode the algorithm identifier from the passed stream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificateChain.java b/base/util/src/netscape/security/x509/CertificateChain.java
index b60325378..60df0ec65 100644
--- a/base/util/src/netscape/security/x509/CertificateChain.java
+++ b/base/util/src/netscape/security/x509/CertificateChain.java
@@ -33,7 +33,7 @@ public class CertificateChain implements Serializable {
 
     /**
      * constructs a certificate chain from a certificate.
-     * 
+     *
      * @param cert a certificate
      */
     public CertificateChain(X509Certificate cert) {
@@ -43,7 +43,7 @@ public class CertificateChain implements Serializable {
 
     /**
      * constructs a certificate chain from a X509 certificate array.
-     * 
+     *
      * @param chain a certificate array.
      */
     public CertificateChain(X509Certificate[] chain) {
@@ -52,7 +52,7 @@ public class CertificateChain implements Serializable {
 
     /**
      * returns the certificate at specified index in chain.
-     * 
+     *
      * @param index the index.
      * @return the X509 certificate at the given index.
      */
@@ -62,7 +62,7 @@ public class CertificateChain implements Serializable {
 
     /**
      * returns the first certificate in chain.
-     * 
+     *
      * @return the X509 certificate at the given index.
      */
     public X509Certificate getFirstCertificate() {
@@ -71,7 +71,7 @@ public class CertificateChain implements Serializable {
 
     /**
      * returns the certificate chain as an array of X509 certificates.
-     * 
+     *
      * @return an array of X509 Certificates.
      */
     public X509Certificate[] getChain() {
diff --git a/base/util/src/netscape/security/x509/CertificateExtensions.java b/base/util/src/netscape/security/x509/CertificateExtensions.java
index b9667d8f6..a358a0f6a 100644
--- a/base/util/src/netscape/security/x509/CertificateExtensions.java
+++ b/base/util/src/netscape/security/x509/CertificateExtensions.java
@@ -37,7 +37,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the Extensions attribute for the Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.11
@@ -111,7 +111,7 @@ public class CertificateExtensions extends Vector
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the Extension from.
      * @exception IOException on decoding errors.
      */
@@ -129,7 +129,7 @@ public class CertificateExtensions extends Vector
 
     /**
      * Decode the extensions from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -148,7 +148,7 @@ public class CertificateExtensions extends Vector
 
     /**
      * Decode the extensions from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -182,7 +182,7 @@ public class CertificateExtensions extends Vector
 
     /**
      * Encode the extensions in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @exception CertificateException on encoding errors.
      * @exception IOException on errors.
@@ -212,7 +212,7 @@ public class CertificateExtensions extends Vector
 
     /**
      * Set the attribute value.
-     * 
+     *
      * @param name the extension name used in the cache.
      * @param obj the object to set.
      * @exception IOException if the object could not be cached.
@@ -224,7 +224,7 @@ public class CertificateExtensions extends Vector
 
     /**
      * Get the attribute value.
-     * 
+     *
      * @param name the extension name used in the lookup.
      * @exception IOException if named extension is not found.
      */
@@ -238,7 +238,7 @@ public class CertificateExtensions extends Vector
 
     /**
      * Delete the attribute value.
-     * 
+     *
      * @param name the extension name used in the lookup.
      * @exception IOException if named extension is not found.
      */
diff --git a/base/util/src/netscape/security/x509/CertificateIssuerExtension.java b/base/util/src/netscape/security/x509/CertificateIssuerExtension.java
index 774116bcc..4f20cb685 100644
--- a/base/util/src/netscape/security/x509/CertificateIssuerExtension.java
+++ b/base/util/src/netscape/security/x509/CertificateIssuerExtension.java
@@ -30,11 +30,11 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the CRL Certificate Issuer Extension.
- * 
+ *
  * 

  * This CRL entry extension identifies the certificate issuer associated with an entry in an indirect CRL, i.e. a CRL
  * that has the indirectCRL indicator set in its issuing distribution point extension.
- * 
+ *
  * @see Extension
  * @see CertAttrSet
  */
@@ -81,7 +81,7 @@ public class CertificateIssuerExtension extends Extension
     /**
      * Create a CertificateIssuerExtension with the passed GeneralNames
      * and criticality.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param names the GeneralNames for the issuer.
      * @exception IOException on error.
@@ -96,7 +96,7 @@ public class CertificateIssuerExtension extends Extension
 
     /**
      * Create a CertificateIssuerExtension with the passed GeneralNames.
-     * 
+     *
      * @param names the GeneralNames for the issuer.
      * @exception IOException on error.
      */
@@ -119,7 +119,7 @@ public class CertificateIssuerExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -157,7 +157,7 @@ public class CertificateIssuerExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -167,7 +167,7 @@ public class CertificateIssuerExtension extends Extension
 
     /**
      * Write the extension to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding error.
      */
diff --git a/base/util/src/netscape/security/x509/CertificateIssuerName.java b/base/util/src/netscape/security/x509/CertificateIssuerName.java
index a2f9026c1..a075fdf56 100644
--- a/base/util/src/netscape/security/x509/CertificateIssuerName.java
+++ b/base/util/src/netscape/security/x509/CertificateIssuerName.java
@@ -29,7 +29,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the X500Name attribute for the Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.6
@@ -52,7 +52,7 @@ public class CertificateIssuerName implements CertAttrSet {
 
     /**
      * Default constructor for the certificate attribute.
-     * 
+     *
      * @param name the X500Name
      */
     public CertificateIssuerName(X500Name name) {
@@ -61,7 +61,7 @@ public class CertificateIssuerName implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the X500Name from.
      * @exception IOException on decoding errors.
      */
@@ -71,7 +71,7 @@ public class CertificateIssuerName implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed stream.
-     * 
+     *
      * @param in the InputStream to read the X500Name from.
      * @exception IOException on decoding errors.
      */
@@ -91,7 +91,7 @@ public class CertificateIssuerName implements CertAttrSet {
 
     /**
      * Encode the name in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
@@ -104,7 +104,7 @@ public class CertificateIssuerName implements CertAttrSet {
 
     /**
      * Decode the name in DER form from the stream.
-     * 
+     *
      * @param in the InputStream to marshal the contents from.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificateIssuerUniqueIdentity.java b/base/util/src/netscape/security/x509/CertificateIssuerUniqueIdentity.java
index 351116ffb..af9c92b49 100644
--- a/base/util/src/netscape/security/x509/CertificateIssuerUniqueIdentity.java
+++ b/base/util/src/netscape/security/x509/CertificateIssuerUniqueIdentity.java
@@ -30,7 +30,7 @@ import netscape.security.util.DerValue;
 /**
  * This class defines the subject/issuer unique identity attribute
  * for the Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.6
@@ -52,7 +52,7 @@ public class CertificateIssuerUniqueIdentity implements CertAttrSet {
 
     /**
      * Default constructor for the certificate attribute.
-     * 
+     *
      * @param key the UniqueIdentity
      */
     public CertificateIssuerUniqueIdentity(UniqueIdentity id) {
@@ -61,7 +61,7 @@ public class CertificateIssuerUniqueIdentity implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the UniqueIdentity from.
      * @exception IOException on decoding errors.
      */
@@ -72,7 +72,7 @@ public class CertificateIssuerUniqueIdentity implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed stream.
-     * 
+     *
      * @param in the InputStream to read the UniqueIdentity from.
      * @exception IOException on decoding errors.
      */
@@ -84,7 +84,7 @@ public class CertificateIssuerUniqueIdentity implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed DER value.
-     * 
+     *
      * @param in the DerValue to read the UniqueIdentity from.
      * @exception IOException on decoding errors.
      */
@@ -104,7 +104,7 @@ public class CertificateIssuerUniqueIdentity implements CertAttrSet {
 
     /**
      * Decode the identity in DER form from the stream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on errors.
      */
@@ -115,7 +115,7 @@ public class CertificateIssuerUniqueIdentity implements CertAttrSet {
 
     /**
      * Encode the identity in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificatePoliciesExtension.java b/base/util/src/netscape/security/x509/CertificatePoliciesExtension.java
index fedc15917..7fdd6ba02 100644
--- a/base/util/src/netscape/security/x509/CertificatePoliciesExtension.java
+++ b/base/util/src/netscape/security/x509/CertificatePoliciesExtension.java
@@ -34,7 +34,7 @@ import com.netscape.cmsutil.util.Utils;
 
 /**
  * This class defines the Certificate Policies Extension.
- * 
+ *
  * 

  * The certificate policies extension conatins a sequence of policy information terms, each of which consists of an
  * object identifier (OID) and optional qualifiers. These policy information terms indicate the policy under which the
@@ -42,11 +42,11 @@ import com.netscape.cmsutil.util.Utils;
  * requirements are expected to have a list of those policies which they will accept and to compare the policy OIDs in
  * the certificate to that list. If this extension is critical, the path validation software must be able to interpret
  * this extension, or must reject the certificate.
- * 
+ *
  * 
  * CertificatePolicies ::= SEQUENECE OF PolicyInformation
  * 

- * 
+ *
  * @author Christine Ho
  * @see Extension
  * @see CertAttrSet
@@ -69,7 +69,7 @@ public class CertificatePoliciesExtension extends Extension
     public static final String NAME = "CertificatePolicies";
     public static final String INFOS = "infos";
 
-    // Private data members 
+    // Private data members
     private Vector mInfos;
 
     // Encode this extension value
@@ -93,7 +93,7 @@ public class CertificatePoliciesExtension extends Extension
 
     /**
      * Create a CertificatePolicies with the Vector of CertificatePolicyInfo.
-     * 
+     *
      * @param infos the Vector of CertificatePolicyInfo.
      */
     public CertificatePoliciesExtension(Vector infos) throws IOException {
@@ -114,7 +114,7 @@ public class CertificatePoliciesExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -157,7 +157,7 @@ public class CertificatePoliciesExtension extends Extension
 
     /**
      * Write the extension to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
@@ -174,7 +174,7 @@ public class CertificatePoliciesExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -253,7 +253,7 @@ public class CertificatePoliciesExtension extends Extension
 
         /**
          * From ASN.1 dump
-         * 
+         *
          * 0 30 133: SEQUENCE {
          * 3 30 45: . SEQUENCE {
          * 5 06 3: . . OBJECT IDENTIFIER '1 2 3 5'
diff --git a/base/util/src/netscape/security/x509/CertificatePolicyId.java b/base/util/src/netscape/security/x509/CertificatePolicyId.java
index bfc93b0bb..d4af18c6a 100644
--- a/base/util/src/netscape/security/x509/CertificatePolicyId.java
+++ b/base/util/src/netscape/security/x509/CertificatePolicyId.java
@@ -25,7 +25,7 @@ import netscape.security.util.ObjectIdentifier;
 
 /**
  * Represent the CertificatePolicyId ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.5
@@ -39,7 +39,7 @@ public class CertificatePolicyId implements java.io.Serializable {
 
     /**
      * Create a CertificatePolicyId with the ObjectIdentifier.
-     * 
+     *
      * @param id the ObjectIdentifier for the policy id.
      */
     public CertificatePolicyId(ObjectIdentifier id) {
@@ -48,7 +48,7 @@ public class CertificatePolicyId implements java.io.Serializable {
 
     /**
      * Create the object from its Der encoded value.
-     * 
+     *
      * @param val the DER encoded value for the same.
      */
     public CertificatePolicyId(DerValue val) throws IOException {
@@ -75,7 +75,7 @@ public class CertificatePolicyId implements java.io.Serializable {
 
     /**
      * Write the CertificatePolicyId to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificatePolicyInfo.java b/base/util/src/netscape/security/x509/CertificatePolicyInfo.java
index 33e541c65..375cfbe7c 100644
--- a/base/util/src/netscape/security/x509/CertificatePolicyInfo.java
+++ b/base/util/src/netscape/security/x509/CertificatePolicyInfo.java
@@ -24,7 +24,7 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the CertificatePolicyInformation ASN.1 object.
- * 
+ *
  * @author Christine Ho
  */
 public class CertificatePolicyInfo implements java.io.Serializable {
@@ -37,7 +37,7 @@ public class CertificatePolicyInfo implements java.io.Serializable {
 
     /**
      * Create a CertificatePolicyInfo with the passed CertificatePolicyId's.
-     * 
+     *
      * @param id the CertificatePolicyId.
      */
     public CertificatePolicyInfo(CertificatePolicyId id) {
@@ -52,7 +52,7 @@ public class CertificatePolicyInfo implements java.io.Serializable {
 
     /**
      * Create the CertificatePolicyInfo from the DER encoded value.
-     * 
+     *
      * @param val the DER encoded value of the same.
      */
     public CertificatePolicyInfo(DerValue val) throws IOException {
@@ -94,7 +94,7 @@ public class CertificatePolicyInfo implements java.io.Serializable {
 
     /**
      * Write the CertificatePolicyInfo to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificatePolicyMap.java b/base/util/src/netscape/security/x509/CertificatePolicyMap.java
index 75ddf3314..aef43d387 100644
--- a/base/util/src/netscape/security/x509/CertificatePolicyMap.java
+++ b/base/util/src/netscape/security/x509/CertificatePolicyMap.java
@@ -24,7 +24,7 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the CertificatePolicyMap ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.5
@@ -35,7 +35,7 @@ public class CertificatePolicyMap {
 
     /**
      * Create a CertificatePolicyMap with the passed CertificatePolicyId's.
-     * 
+     *
      * @param issuer the CertificatePolicyId for the issuer CA.
      * @param subject the CertificatePolicyId for the subject CA.
      */
@@ -47,7 +47,7 @@ public class CertificatePolicyMap {
 
     /**
      * Create the CertificatePolicyMap from the DER encoded value.
-     * 
+     *
      * @param val the DER encoded value of the same.
      */
     public CertificatePolicyMap(DerValue val) throws IOException {
@@ -86,7 +86,7 @@ public class CertificatePolicyMap {
 
     /**
      * Write the CertificatePolicyMap to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificatePolicySet.java b/base/util/src/netscape/security/x509/CertificatePolicySet.java
index 86d9c107f..68a5e3139 100644
--- a/base/util/src/netscape/security/x509/CertificatePolicySet.java
+++ b/base/util/src/netscape/security/x509/CertificatePolicySet.java
@@ -26,7 +26,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the certificate policy set ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.4
@@ -36,7 +36,7 @@ public class CertificatePolicySet {
 
     /**
      * The default constructor for this class.
-     * 
+     *
      * @param ids the sequence of CertificatePolicyId's.
      */
     public CertificatePolicySet(Vector ids) {
@@ -45,7 +45,7 @@ public class CertificatePolicySet {
 
     /**
      * Create the object from the DerValue.
-     * 
+     *
      * @param in the passed DerInputStream.
      * @exception IOException on decoding errors.
      */
@@ -72,7 +72,7 @@ public class CertificatePolicySet {
 
     /**
      * Encode the policy set to the output stream.
-     * 
+     *
      * @param out the DerOutputStream to encode the data to.
      */
     public void encode(DerOutputStream out) throws IOException {
diff --git a/base/util/src/netscape/security/x509/CertificateSerialNumber.java b/base/util/src/netscape/security/x509/CertificateSerialNumber.java
index e9655178f..6dd353f16 100644
--- a/base/util/src/netscape/security/x509/CertificateSerialNumber.java
+++ b/base/util/src/netscape/security/x509/CertificateSerialNumber.java
@@ -30,7 +30,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the SerialNumber attribute for the Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.6
@@ -53,7 +53,7 @@ public class CertificateSerialNumber implements CertAttrSet {
 
     /**
      * Default constructor for the certificate attribute.
-     * 
+     *
      * @param serial the serial number for the certificate.
      */
     public CertificateSerialNumber(BigInteger num) {
@@ -62,7 +62,7 @@ public class CertificateSerialNumber implements CertAttrSet {
 
     /**
      * Default constructor for the certificate attribute.
-     * 
+     *
      * @param serial the serial number for the certificate.
      */
     public CertificateSerialNumber(int num) {
@@ -71,7 +71,7 @@ public class CertificateSerialNumber implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the serial number from.
      * @exception IOException on decoding errors.
      */
@@ -81,7 +81,7 @@ public class CertificateSerialNumber implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed stream.
-     * 
+     *
      * @param in the InputStream to read the serial number from.
      * @exception IOException on decoding errors.
      */
@@ -91,7 +91,7 @@ public class CertificateSerialNumber implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed DerValue.
-     * 
+     *
      * @param val the DER encoded value.
      * @exception IOException on decoding errors.
      */
@@ -110,7 +110,7 @@ public class CertificateSerialNumber implements CertAttrSet {
 
     /**
      * Encode the serial number in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
@@ -123,7 +123,7 @@ public class CertificateSerialNumber implements CertAttrSet {
 
     /**
      * Decode the serial number in DER form from the stream.
-     * 
+     *
      * @param in the InputStream to marshal the contents from.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificateSubjectName.java b/base/util/src/netscape/security/x509/CertificateSubjectName.java
index 6159638b9..0f4ed7d61 100644
--- a/base/util/src/netscape/security/x509/CertificateSubjectName.java
+++ b/base/util/src/netscape/security/x509/CertificateSubjectName.java
@@ -32,7 +32,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the X500Name attribute for the Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.6
@@ -59,7 +59,7 @@ public class CertificateSubjectName implements CertAttrSet, Serializable {
 
     /**
      * Default constructor for the certificate attribute.
-     * 
+     *
      * @param name the X500Name
      */
     public CertificateSubjectName(X500Name name) {
@@ -68,7 +68,7 @@ public class CertificateSubjectName implements CertAttrSet, Serializable {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the X500Name from.
      * @exception IOException on decoding errors.
      */
@@ -78,7 +78,7 @@ public class CertificateSubjectName implements CertAttrSet, Serializable {
 
     /**
      * Create the object, decoding the values from the passed stream.
-     * 
+     *
      * @param in the InputStream to read the X500Name from.
      * @exception IOException on decoding errors.
      */
@@ -108,7 +108,7 @@ public class CertificateSubjectName implements CertAttrSet, Serializable {
 
     /**
      * Encode the name in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
@@ -121,7 +121,7 @@ public class CertificateSubjectName implements CertAttrSet, Serializable {
 
     /**
      * Decode the name in DER form from the stream.
-     * 
+     *
      * @param in the InputStream to marshal the contents from.
      * @exception IOException on errors.
      */
@@ -134,7 +134,7 @@ public class CertificateSubjectName implements CertAttrSet, Serializable {
 
     /**
      * Decode the name in DER form from the stream.
-     * 
+     *
      * @param in the InputStream to marshal the contents from.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificateSubjectUniqueIdentity.java b/base/util/src/netscape/security/x509/CertificateSubjectUniqueIdentity.java
index 51687e86d..9f9f9222c 100644
--- a/base/util/src/netscape/security/x509/CertificateSubjectUniqueIdentity.java
+++ b/base/util/src/netscape/security/x509/CertificateSubjectUniqueIdentity.java
@@ -30,7 +30,7 @@ import netscape.security.util.DerValue;
 /**
  * This class defines the subject/issuer unique identity attribute
  * for the Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.6
@@ -52,7 +52,7 @@ public class CertificateSubjectUniqueIdentity implements CertAttrSet {
 
     /**
      * Default constructor for the certificate attribute.
-     * 
+     *
      * @param key the UniqueIdentity
      */
     public CertificateSubjectUniqueIdentity(UniqueIdentity id) {
@@ -61,7 +61,7 @@ public class CertificateSubjectUniqueIdentity implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the UniqueIdentity from.
      * @exception IOException on decoding errors.
      */
@@ -72,7 +72,7 @@ public class CertificateSubjectUniqueIdentity implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed stream.
-     * 
+     *
      * @param in the InputStream to read the UniqueIdentity from.
      * @exception IOException on decoding errors.
      */
@@ -84,7 +84,7 @@ public class CertificateSubjectUniqueIdentity implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed DER value.
-     * 
+     *
      * @param in the DerValue to read the UniqueIdentity from.
      * @exception IOException on decoding errors.
      */
@@ -104,7 +104,7 @@ public class CertificateSubjectUniqueIdentity implements CertAttrSet {
 
     /**
      * Decode the identity in DER form from the stream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on errors.
      */
@@ -115,7 +115,7 @@ public class CertificateSubjectUniqueIdentity implements CertAttrSet {
 
     /**
      * Encode the identity in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificateValidity.java b/base/util/src/netscape/security/x509/CertificateValidity.java
index 0c2c841b0..511f1b1eb 100644
--- a/base/util/src/netscape/security/x509/CertificateValidity.java
+++ b/base/util/src/netscape/security/x509/CertificateValidity.java
@@ -35,7 +35,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the interval for which the certificate is valid.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.12
@@ -113,7 +113,7 @@ public class CertificateValidity implements CertAttrSet, Serializable {
 
     /**
      * The default constructor for this class for the specified interval.
-     * 
+     *
      * @param notBefore the date and time before which the certificate
      *            is not valid.
      * @param notAfter the date and time after which the certificate is
@@ -126,7 +126,7 @@ public class CertificateValidity implements CertAttrSet, Serializable {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the CertificateValidity from.
      * @exception IOException on decoding errors.
      */
@@ -147,7 +147,7 @@ public class CertificateValidity implements CertAttrSet, Serializable {
 
     /**
      * Decode the CertificateValidity period from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on errors.
      */
@@ -168,7 +168,7 @@ public class CertificateValidity implements CertAttrSet, Serializable {
 
     /**
      * Encode the CertificateValidity period in DER form to the stream.
-     * 
+     *
      * @param out the OutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
@@ -264,7 +264,7 @@ public class CertificateValidity implements CertAttrSet, Serializable {
 
     /**
      * Verify that the current time is within the validity period.
-     * 
+     *
      * @exception CertificateExpiredException if the certificate has expired.
      * @exception CertificateNotYetValidException if the certificate is not
      *                yet valid.
@@ -277,15 +277,15 @@ public class CertificateValidity implements CertAttrSet, Serializable {
 
     /**
      * Verify that the passed time is within the validity period.
-     * 
+     *
      * @param now the Date against which to compare the validity
      *            period.
-     * 
+     *
      * @exception CertificateExpiredException if the certificate has expired
      *                with respect to the Date supplied.
      * @exception CertificateNotYetValidException if the certificate is not
      *                yet valid with respect to the Date supplied.
-     * 
+     *
      */
     public void valid(Date now)
             throws CertificateNotYetValidException, CertificateExpiredException {
diff --git a/base/util/src/netscape/security/x509/CertificateVersion.java b/base/util/src/netscape/security/x509/CertificateVersion.java
index d3659779f..5cc260d77 100644
--- a/base/util/src/netscape/security/x509/CertificateVersion.java
+++ b/base/util/src/netscape/security/x509/CertificateVersion.java
@@ -30,7 +30,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the version of the X509 Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.8
@@ -89,7 +89,7 @@ public class CertificateVersion implements CertAttrSet {
 
     /**
      * The constructor for this class for the required version.
-     * 
+     *
      * @param version the version for the certificate.
      * @exception IOException if the version is not valid.
      */
@@ -106,7 +106,7 @@ public class CertificateVersion implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the CertificateVersion from.
      * @exception IOException on decoding errors.
      */
@@ -119,7 +119,7 @@ public class CertificateVersion implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed stream.
-     * 
+     *
      * @param in the InputStream to read the CertificateVersion from.
      * @exception IOException on decoding errors.
      */
@@ -132,7 +132,7 @@ public class CertificateVersion implements CertAttrSet {
 
     /**
      * Create the object, decoding the values from the passed DerValue.
-     * 
+     *
      * @param val the Der encoded value.
      * @exception IOException on decoding errors.
      */
@@ -151,7 +151,7 @@ public class CertificateVersion implements CertAttrSet {
 
     /**
      * Encode the CertificateVersion period in DER form to the stream.
-     * 
+     *
      * @param out the OutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
@@ -172,7 +172,7 @@ public class CertificateVersion implements CertAttrSet {
 
     /**
      * Decode the CertificateVersion period in DER form from the stream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/CertificateX509Key.java b/base/util/src/netscape/security/x509/CertificateX509Key.java
index c7003bb8e..a77a1e7dd 100644
--- a/base/util/src/netscape/security/x509/CertificateX509Key.java
+++ b/base/util/src/netscape/security/x509/CertificateX509Key.java
@@ -32,7 +32,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the X509Key attribute for the Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.5
@@ -59,7 +59,7 @@ public class CertificateX509Key implements CertAttrSet, Serializable {
 
     /**
      * Default constructor for the certificate attribute.
-     * 
+     *
      * @param key the X509Key
      */
     public CertificateX509Key(X509Key key) {
@@ -68,7 +68,7 @@ public class CertificateX509Key implements CertAttrSet, Serializable {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the X509Key from.
      * @exception IOException on decoding errors.
      */
@@ -79,7 +79,7 @@ public class CertificateX509Key implements CertAttrSet, Serializable {
 
     /**
      * Create the object, decoding the values from the passed stream.
-     * 
+     *
      * @param in the InputStream to read the X509Key from.
      * @exception IOException on decoding errors.
      */
@@ -99,7 +99,7 @@ public class CertificateX509Key implements CertAttrSet, Serializable {
 
     /**
      * Decode the key in DER form from the stream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from
      * @exception IOException on decoding or validity errors.
      */
@@ -120,7 +120,7 @@ public class CertificateX509Key implements CertAttrSet, Serializable {
 
     /**
      * Encode the key in DER form to the stream.
-     * 
+     *
      * @param out the OutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/DNSName.java b/base/util/src/netscape/security/x509/DNSName.java
index 831f51cc1..361c23571 100644
--- a/base/util/src/netscape/security/x509/DNSName.java
+++ b/base/util/src/netscape/security/x509/DNSName.java
@@ -25,7 +25,7 @@ import netscape.security.util.DerValue;
 /**
  * This class implements the DNSName as required by the GeneralNames
  * ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.4
@@ -39,7 +39,7 @@ public class DNSName implements GeneralNameInterface {
 
     /**
      * Create the DNSName object from the passed encoded Der value.
-     * 
+     *
      * @param derValue the encoded DER DNSName.
      * @exception IOException on error.
      */
@@ -49,7 +49,7 @@ public class DNSName implements GeneralNameInterface {
 
     /**
      * Create the DNSName object with the specified name.
-     * 
+     *
      * @param name the DNSName.
      */
     public DNSName(String name) {
@@ -65,7 +65,7 @@ public class DNSName implements GeneralNameInterface {
 
     /**
      * Encode the DNS name into the DerOutputStream.
-     * 
+     *
      * @param out the DER stream to encode the DNSName to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/DeltaCRLIndicatorExtension.java b/base/util/src/netscape/security/x509/DeltaCRLIndicatorExtension.java
index da870f4fd..4b64d59a9 100755
--- a/base/util/src/netscape/security/x509/DeltaCRLIndicatorExtension.java
+++ b/base/util/src/netscape/security/x509/DeltaCRLIndicatorExtension.java
@@ -32,12 +32,12 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the Delta CRL Indicator Extension.
- * 
+ *
  * 

  * The delta CRL indicator is a critical CRL extension that identifies a delta-CRL. The value of BaseCRLNumber
  * identifies the CRL number of the base CRL that was used as the starting point in the generation of this delta- CRL.
  * The delta-CRL contains the changes between the base CRL and the current CRL issued along with the delta-CRL.
- * 
+ *
  * @see Extension
  * @see CertAttrSet
  */
@@ -81,7 +81,7 @@ public class DeltaCRLIndicatorExtension extends Extension
     /**
      * Create a DeltaCRLIndicatorExtension with the integer value.
      * The criticality is set to true.
-     * 
+     *
      * @param baseCRLNum the value to be set for the extension.
      */
     public DeltaCRLIndicatorExtension(int baseCRLNum) throws IOException {
@@ -94,7 +94,7 @@ public class DeltaCRLIndicatorExtension extends Extension
     /**
      * Create a DeltaCRLIndicatorExtension with the BigInteger value.
      * The criticality is set to true.
-     * 
+     *
      * @param baseCRLNum the value to be set for the extension.
      */
     public DeltaCRLIndicatorExtension(BigInteger baseCRLNum) throws IOException {
@@ -106,7 +106,7 @@ public class DeltaCRLIndicatorExtension extends Extension
 
     /**
      * Create a DeltaCRLIndicatorExtension with the BigInteger value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param baseCRLNum the value to be set for the extension.
      */
@@ -120,7 +120,7 @@ public class DeltaCRLIndicatorExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value of the same.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -194,7 +194,7 @@ public class DeltaCRLIndicatorExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -204,7 +204,7 @@ public class DeltaCRLIndicatorExtension extends Extension
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/DirStrConverter.java b/base/util/src/netscape/security/x509/DirStrConverter.java
index 776344c0a..01d80bee4 100644
--- a/base/util/src/netscape/security/x509/DirStrConverter.java
+++ b/base/util/src/netscape/security/x509/DirStrConverter.java
@@ -30,17 +30,17 @@ import netscape.security.util.DerValue;
  * A DirStrConverter converts a string to a DerValue of ASN.1 Directory String,
  * which is a CHOICE of Printable (subset of ASCII), T.61 (Teletex) or
  * Universal String (UCS-4), and vice versa.
- * 
+ *
  * 

  * The string to DerValue conversion is done as follows. If the string has only PrintableString characters it is
  * converted to a ASN.1 Printable String using the PrintableString encoder from the global default ASN1CharStrConvMap.
  * If it has only characters covered in the PrintableString or T.61 character set it is converted to a ASN.1 T.61 string
  * using the T.61 encoder from the ASN1CharStrCovnMap. Otherwise it is converted to a ASN.1 UniversalString (UCS-4
  * character set) which covers all characters.
- * 
+ *
  * @see AVAValueConverter
  * @see ASN1CharStrConvMap
- * 
+ *
  * @author Lily Hsiao, Slava Galperin at Netscape Communications, Inc.
  */
 
@@ -59,11 +59,11 @@ public class DirStrConverter implements AVAValueConverter {
      * Converts a string to a DER encoded ASN1 Directory String, which is a
      * CHOICE of PrintableString, T.61String or UniversalString.
      * The string is taken as is i.e. should not be in Ldap DN string syntax.
-     * 
+     *
      * @param ds a string representing a directory string value.
-     * 
+     *
      * @return a DerValue
-     * 
+     *
      * @exception IOException if the string cannot be converted, such as
      *                when a UniversalString encoder
      *                isn't available and the string contains
@@ -121,13 +121,13 @@ public class DirStrConverter implements AVAValueConverter {
      * Creates a DerValue from a BER encoded value, obtained from for example
      * a attribute value in octothorpe form of a Ldap DN string.
      * Checks if the BER encoded value is legal for a DirectoryString.
-     * 
+     *
      * NOTE: currently only supports DER encoding for the BER encoded value.
-     * 
+     *
      * @param berStream Byte array of a BER encoded value.
-     * 
+     *
      * @return DerValue object.
-     * 
+     *
      * @exception IOException If the BER value cannot be converted to a
      *                valid Directory String DER value.
      */
@@ -148,7 +148,7 @@ public class DirStrConverter implements AVAValueConverter {
     /**
      * Converts a DerValue to a string.
      * The string is not in any syntax, such as RFC1779 string syntax.
-     * 
+     *
      * @param avaValue a DerValue
      * @return a string if the value can be converted.
      * @exception IOException if a decoder needed for the
diff --git a/base/util/src/netscape/security/x509/DisplayText.java b/base/util/src/netscape/security/x509/DisplayText.java
index a379617a7..1c43d4946 100644
--- a/base/util/src/netscape/security/x509/DisplayText.java
+++ b/base/util/src/netscape/security/x509/DisplayText.java
@@ -24,13 +24,13 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the DisplayText.
- * 
+ *
  * DisplayText ::= CHOICE {
  * visibleString VisibleString (SIZE (1..200)),
  * bmpString BMPString (SIZE (1..200)),
  * utf8String UTF8String (SIZE (1..200)),
  * }
- * 
+ *
  * @author Thomas Kwan
  */
 public class DisplayText {
@@ -56,7 +56,7 @@ public class DisplayText {
 
     /**
      * Write the DisplayText to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/EDIPartyName.java b/base/util/src/netscape/security/x509/EDIPartyName.java
index 0c69242cc..eac5c0953 100644
--- a/base/util/src/netscape/security/x509/EDIPartyName.java
+++ b/base/util/src/netscape/security/x509/EDIPartyName.java
@@ -26,13 +26,13 @@ import netscape.security.util.DerValue;
 /**
  * This class defines the EDIPartyName of the GeneralName choice.
  * The ASN.1 syntax for this is:
- * 
+ *
  * 
  * EDIPartyName ::= SEQUENCE {
  *     nameAssigner  [0]  DirectoryString OPTIONAL,
  *     partyName     [1]  DirectoryString }
  * 

- * 
+ *
  * @author Hemma Prafullchandra
  * @version 1.2
  * @see GeneralName
@@ -54,7 +54,7 @@ public class EDIPartyName implements GeneralNameInterface {
 
     /**
      * Create the EDIPartyName object from the specified names.
-     * 
+     *
      * @param assignerName the name of the assigner
      * @param partyName the name of the EDI party.
      */
@@ -65,7 +65,7 @@ public class EDIPartyName implements GeneralNameInterface {
 
     /**
      * Create the EDIPartyName object from the specified name.
-     * 
+     *
      * @param partyName the name of the EDI party.
      */
     public EDIPartyName(String partyName) {
@@ -74,7 +74,7 @@ public class EDIPartyName implements GeneralNameInterface {
 
     /**
      * Create the EDIPartyName object from the passed encoded Der value.
-     * 
+     *
      * @param derValue the encoded DER EDIPartyName.
      * @exception IOException on error.
      */
@@ -116,7 +116,7 @@ public class EDIPartyName implements GeneralNameInterface {
 
     /**
      * Encode the EDI party name into the DerOutputStream.
-     * 
+     *
      * @param out the DER stream to encode the EDIPartyName to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/Extension.java b/base/util/src/netscape/security/x509/Extension.java
index 7dc9e2890..8d575606a 100644
--- a/base/util/src/netscape/security/x509/Extension.java
+++ b/base/util/src/netscape/security/x509/Extension.java
@@ -27,16 +27,16 @@ import netscape.security.util.ObjectIdentifier;
 
 /**
  * Represent a X509 Extension Attribute.
- * 
+ *
  * 

  * Extensions are addiitonal attributes which can be inserted in a X509 v3 certificate. For example a
  * "Driving License Certificate" could have the driving license number as a extension.
- * 
+ *
  * 

  * Extensions are represented as a sequence of the extension identifier (Object Identifier), a boolean flag stating
  * whether the extension is to be treated as being critical and the extension value itself (this is again a DER encoding
  * of the extension value).
- * 
+ *
  * 
  * ASN.1 definition of Extension:
  * Extension ::= SEQUENCE {
@@ -45,7 +45,7 @@ import netscape.security.util.ObjectIdentifier;
  * extensionValue	OCTET STRING
  * }
  * 

- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.9
@@ -92,7 +92,7 @@ public class Extension implements Serializable {
     /**
      * Constructs an Extension from individual components of ObjectIdentifier,
      * criticality and the DER encoded OctetString.
-     * 
+     *
      * @param extensionId the ObjectIdentifier of the extension
      * @param critical the boolean indicating if the extension is critical
      * @param extensionValue the DER encoded octet string of the value.
@@ -110,7 +110,7 @@ public class Extension implements Serializable {
     /**
      * Constructs an Extension from another extension. To be used for
      * creating decoded subclasses.
-     * 
+     *
      * @param ext the extension to create from.
      */
     public Extension(Extension ext) {
@@ -121,7 +121,7 @@ public class Extension implements Serializable {
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the extension to.
      * @exception IOException on encoding errors
      */
diff --git a/base/util/src/netscape/security/x509/Extensions.java b/base/util/src/netscape/security/x509/Extensions.java
index 622367ab6..e0a7e1f60 100644
--- a/base/util/src/netscape/security/x509/Extensions.java
+++ b/base/util/src/netscape/security/x509/Extensions.java
@@ -34,7 +34,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the Extensions attribute for the Certificate.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.11
@@ -107,7 +107,7 @@ public class Extensions extends Vector
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the Extension from.
      * @exception IOException on decoding errors.
      */
@@ -125,7 +125,7 @@ public class Extensions extends Vector
 
     /**
      * Decode the extensions from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -144,7 +144,7 @@ public class Extensions extends Vector
 
     /**
      * Encode the extensions in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @exception CertificateException on encoding errors.
      * @exception IOException on errors.
@@ -170,7 +170,7 @@ public class Extensions extends Vector
 
     /**
      * Set the attribute value.
-     * 
+     *
      * @param name the extension name used in the cache.
      * @param obj the object to set.
      * @exception IOException if the object could not be cached.
@@ -182,7 +182,7 @@ public class Extensions extends Vector
 
     /**
      * Get the attribute value.
-     * 
+     *
      * @param name the extension name used in the lookup.
      * @exception IOException if named extension is not found.
      */
@@ -196,7 +196,7 @@ public class Extensions extends Vector
 
     /**
      * Delete the attribute value.
-     * 
+     *
      * @param name the extension name used in the lookup.
      * @exception IOException if named extension is not found.
      */
diff --git a/base/util/src/netscape/security/x509/FreshestCRLExtension.java b/base/util/src/netscape/security/x509/FreshestCRLExtension.java
index c749ae04e..8e32bed66 100644
--- a/base/util/src/netscape/security/x509/FreshestCRLExtension.java
+++ b/base/util/src/netscape/security/x509/FreshestCRLExtension.java
@@ -38,19 +38,19 @@ import org.mozilla.jss.asn1.SEQUENCE;
  * An extension that tells applications where to find
  * the latest (freshest) delta CRL for this certificate
  * or full CRL.
- * 
+ *
  * 
  * cRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- * 
+ *
  * DistributionPoint ::= SEQUENCE {
  *      distributionPoint       [0]     DistributionPointName OPTIONAL,
  *      reasons                 [1]     ReasonFlags OPTIONAL,
  *      cRLIssuer               [2]     GeneralNames OPTIONAL }
- * 
+ *
  * DistributionPointName ::= CHOICE {
  *      fullName                [0]     GeneralNames,
  *      nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
- * 
+ *
  * ReasonFlags ::= BIT STRING {
  *      unused                  (0),
  *      keyCompromise           (1),
@@ -339,7 +339,7 @@ public class FreshestCRLExtension extends Extension
         /**
          * Given a bit array representing reason flags, extracts the reasons
          * and returns them as an array.
-         * 
+         *
          * @param bitFlags A bit vector containing reason flags.
          * @return An array of reasons contained in the bit vector.
          *         May be zero-length but will not be null.
@@ -352,7 +352,7 @@ public class FreshestCRLExtension extends Extension
          * Given a bit array representing reason flags, extracts the reasons
          * and returns them as an array. Currently, only the first byte
          * of the bitflags are examined.
-         * 
+         *
          * @param bitFlags A bit vector containing reason flags. The format
          *            is big-endian (MSB first). Only the first byte is examined.
          * @return An array of reasons contained in the bit vector.
diff --git a/base/util/src/netscape/security/x509/GeneralName.java b/base/util/src/netscape/security/x509/GeneralName.java
index 5ed98d830..a90ac7bf2 100644
--- a/base/util/src/netscape/security/x509/GeneralName.java
+++ b/base/util/src/netscape/security/x509/GeneralName.java
@@ -26,7 +26,7 @@ import netscape.security.util.DerValue;
  * This class implements the ASN.1 GeneralName object class.
  * 

  * The ASN.1 syntax for this is:
- * 
+ *
  * 
  * GeneralName ::= CHOICE {
  *    otherName                       [0]     OtherName,
@@ -40,7 +40,7 @@ import netscape.security.util.DerValue;
  *    registeredID                    [8]     OBJECT IDENTIFIER
  * }
  * 

- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.7
@@ -56,7 +56,7 @@ public class GeneralName implements GeneralNameInterface {
 
     /**
      * Default constructor for the class.
-     * 
+     *
      * @param name the selected CHOICE from the list.
      */
     public GeneralName(GeneralNameInterface name) {
@@ -65,15 +65,15 @@ public class GeneralName implements GeneralNameInterface {
 
     /**
      * Create the object from its DER encoded value.
-     * 
+     *
      * @param encName the DER encoded GeneralName.
      */
     public GeneralName(DerValue encName) throws IOException {
         short tag = (byte) (encName.tag & 0x1f);
 
-        // NB. this is always encoded with the IMPLICIT tag 
-        // The checks only make sense if we assume implicit tagging, 
-        // with explicit tagging the form is always constructed. 
+        // NB. this is always encoded with the IMPLICIT tag
+        // The checks only make sense if we assume implicit tagging,
+        // with explicit tagging the form is always constructed.
         switch (tag) {
         case GeneralNameInterface.NAME_RFC822:
             if (encName.isContextSpecific() && !encName.isConstructed()) {
@@ -167,7 +167,7 @@ public class GeneralName implements GeneralNameInterface {
 
     /**
      * Encode the name to the specified DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to encode the the GeneralName to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/GeneralNameInterface.java b/base/util/src/netscape/security/x509/GeneralNameInterface.java
index 4a9673663..7225ccc04 100644
--- a/base/util/src/netscape/security/x509/GeneralNameInterface.java
+++ b/base/util/src/netscape/security/x509/GeneralNameInterface.java
@@ -24,7 +24,7 @@ import netscape.security.util.DerOutputStream;
 /**
  * This interface specifies the abstract methods which have to be
  * implemented by all the members of the GeneralNames ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.6
@@ -51,7 +51,7 @@ public interface GeneralNameInterface extends java.io.Serializable {
 
     /**
      * Encode the name to the specified DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to encode the GeneralName to.
      * @exception IOException thrown if the GeneralName could not be
      *                encoded.
diff --git a/base/util/src/netscape/security/x509/GeneralNames.java b/base/util/src/netscape/security/x509/GeneralNames.java
index 9e06db5ac..08084764a 100644
--- a/base/util/src/netscape/security/x509/GeneralNames.java
+++ b/base/util/src/netscape/security/x509/GeneralNames.java
@@ -29,11 +29,11 @@ import netscape.security.util.DerValue;
  * X509 certificates.
  * 

  * The ASN.1 syntax for this is:
- * 
+ *
  * 
  * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
  * 

- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.7
@@ -46,11 +46,11 @@ public class GeneralNames extends Vector {
 
     /**
      * Create the GeneralNames, decoding from the passed DerValue.
-     * 
+     *
      * Caution when using this constructor. It may be broken!
      * Better to call addElement(gni) directly where gni is
      * a GeneralNameInterface object 
-     * 
+     *
      * @param derVal the DerValue to construct the GeneralNames from.
      * @exception GeneralNamesException on decoding error.
      * @exception IOException on error.
@@ -75,7 +75,7 @@ public class GeneralNames extends Vector {
 
     /**
      * Create the GeneralNames
-     * 
+     *
      * @param names a non-empty array of names to put into the
      *            generalNames
      */
@@ -99,7 +99,7 @@ public class GeneralNames extends Vector {
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the extension to.
      * @exception GeneralNamesException on encoding error.
      * @exception IOException on error.
diff --git a/base/util/src/netscape/security/x509/GeneralNamesException.java b/base/util/src/netscape/security/x509/GeneralNamesException.java
index 6309ed114..11c763fda 100644
--- a/base/util/src/netscape/security/x509/GeneralNamesException.java
+++ b/base/util/src/netscape/security/x509/GeneralNamesException.java
@@ -21,7 +21,7 @@ import java.security.GeneralSecurityException;
 
 /**
  * Generic General Names Exception.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.4
@@ -41,7 +41,7 @@ public class GeneralNamesException extends GeneralSecurityException {
 
     /**
      * Constructs the exception with the specified error message.
-     * 
+     *
      * @param message the requisite error message.
      */
     public GeneralNamesException(String message) {
diff --git a/base/util/src/netscape/security/x509/GeneralSubtree.java b/base/util/src/netscape/security/x509/GeneralSubtree.java
index 635427e0b..6a5cdc540 100644
--- a/base/util/src/netscape/security/x509/GeneralSubtree.java
+++ b/base/util/src/netscape/security/x509/GeneralSubtree.java
@@ -26,7 +26,7 @@ import netscape.security.util.PrettyPrintFormat;
 
 /**
  * Represent the GeneralSubtree ASN.1 object, whose syntax is:
- * 
+ *
  * 
  * GeneralSubtree ::= SEQUENCE {
  *    base             GeneralName,
@@ -35,7 +35,7 @@ import netscape.security.util.PrettyPrintFormat;
  * }
  * BaseDistance ::= INTEGER (0..MAX)
  * 

- * 
+ *
  * @version 1.5
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
@@ -53,7 +53,7 @@ public class GeneralSubtree {
 
     /**
      * The default constructor for the class.
-     * 
+     *
      * @param name the GeneralName
      * @param min the minimum BaseDistance
      * @param max the maximum BaseDistance
@@ -66,7 +66,7 @@ public class GeneralSubtree {
 
     /**
      * Create the object from its DER encoded form.
-     * 
+     *
      * @param val the DER encoded from of the same.
      */
     public GeneralSubtree(DerValue val) throws IOException {
@@ -122,7 +122,7 @@ public class GeneralSubtree {
 
     /**
      * Encode the GeneralSubtree.
-     * 
+     *
      * @param out the DerOutputStream to encode this object to.
      */
     public void encode(DerOutputStream out) throws IOException {
diff --git a/base/util/src/netscape/security/x509/GeneralSubtrees.java b/base/util/src/netscape/security/x509/GeneralSubtrees.java
index 37097ca71..0c3c64cb2 100644
--- a/base/util/src/netscape/security/x509/GeneralSubtrees.java
+++ b/base/util/src/netscape/security/x509/GeneralSubtrees.java
@@ -27,9 +27,9 @@ import netscape.security.util.PrettyPrintFormat;
 
 /**
  * Represent the GeneralSubtrees ASN.1 object.
- * 
+ *
  * @version 1.4
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  */
@@ -39,7 +39,7 @@ public class GeneralSubtrees {
 
     /**
      * The default constructor for the class.
-     * 
+     *
      * @param trees the sequence of GeneralSubtree.
      */
     public GeneralSubtrees(Vector trees) {
@@ -48,7 +48,7 @@ public class GeneralSubtrees {
 
     /**
      * Create the object from the passed DER encoded form.
-     * 
+     *
      * @param val the DER encoded form of the same.
      */
     public GeneralSubtrees(DerValue val) throws IOException {
@@ -88,7 +88,7 @@ public class GeneralSubtrees {
 
     /**
      * Encode the GeneralSubtrees.
-     * 
+     *
      * @param out the DerOutputStrean to encode this object to.
      */
     public void encode(DerOutputStream out) throws IOException {
diff --git a/base/util/src/netscape/security/x509/GenericValueConverter.java b/base/util/src/netscape/security/x509/GenericValueConverter.java
index 73bc1979c..f08ebcca5 100644
--- a/base/util/src/netscape/security/x509/GenericValueConverter.java
+++ b/base/util/src/netscape/security/x509/GenericValueConverter.java
@@ -31,16 +31,16 @@ import netscape.security.util.DerValue;
  * a particular attribute to a DER encoded ASN.1 character string type.
  * Currently supports PrintableString, IA5String, BMPString T.61String and
  * Universal String.
- * 
+ *
  * 

  * The conversion is done as follows. An encoder is obtained for the all the character sets from the global default
  * ASN1CharStrConvMap. The encoders are then used to convert the string to the smallest character set first --
  * printableString. If the string contains characters outside of that character set, it is converted to the next
  * character set -- IA5String character set. If that is not enough it is converted to a BMPString, then Universal String
  * which contains all characters.
- * 
+ *
  * @author Lily Hsiao, Slava Galperin at Netscape Communications, Inc.
- * 
+ *
  */
 
 public class GenericValueConverter implements AVAValueConverter {
@@ -51,16 +51,16 @@ public class GenericValueConverter implements AVAValueConverter {
      * Converts a string to a DER encoded ASN.1 primtable string, defined here
      * as a PrintableString, IA5String, T.61String, BMPString or
      * UniversalString. The string is not expected to be encoded in any form.
-     * 
+     *
      * 

      * If an encoder is not available for a character set that is needed to convert the string, the string cannot be
      * converted and an IOException is thrown. For example, if the string contains characters outside the
      * PrintableString character and only a PrintableString encoder is available then an IOException is thrown.
-     * 
+     *
      * @param s A string representing a generic attribute string value.
-     * 
+     *
      * @return The DER value of the attribute.
-     * 
+     *
      * @exception IOException if the string cannot be converted, such as
      *                when an encoder needed is
      *                unavailable.
@@ -99,13 +99,13 @@ public class GenericValueConverter implements AVAValueConverter {
 
     /**
      * Creates a DerValue from the byte array of BER encoded value.
-     * 
+     *
      * NOTE: currently only supports DER encoding (a form of BER) on input .
-     * 
+     *
      * @param berStream Byte array of a BER encoded value.
-     * 
+     *
      * @return DerValue object.
-     * 
+     *
      * @exception IOException If the BER value cannot be converted to a
      *                valid Directory String DER value.
      */
@@ -119,7 +119,7 @@ public class GenericValueConverter implements AVAValueConverter {
     /**
      * Converts a DerValue of ASN1 Character string type to a java string
      * (the string is not encoded in any form).
-     * 
+     *
      * @param avaValue A DerValue
      * @return A string representing the attribute value.
      * @exception IOException if a decoder needed for the
diff --git a/base/util/src/netscape/security/x509/HoldInstructionExtension.java b/base/util/src/netscape/security/x509/HoldInstructionExtension.java
index b42bb6ac9..82e8475af 100644
--- a/base/util/src/netscape/security/x509/HoldInstructionExtension.java
+++ b/base/util/src/netscape/security/x509/HoldInstructionExtension.java
@@ -32,11 +32,11 @@ import netscape.security.util.ObjectIdentifier;
 
 /**
  * Represent the CRL Hold Instruction Code Extension.
- * 
+ *
  * 

  * The hold instruction code is a non-critical CRL entry extension that provides a registered instruction identifier
  * which indicates the action to be taken after encountering a certificate that has been placed on hold.
- * 
+ *
  * @see Extension
  * @see CertAttrSet
  */
@@ -121,7 +121,7 @@ public class HoldInstructionExtension extends Extension
     /**
      * Create a HoldInstructionExtension with the date.
      * The criticality is set to false.
-     * 
+     *
      * @param code the value to be set for the extension.
      */
     public HoldInstructionExtension(int code)
@@ -137,7 +137,7 @@ public class HoldInstructionExtension extends Extension
     /**
      * Create a HoldInstructionExtension with the date.
      * The criticality is set to false.
-     * 
+     *
      * @param oidStr the value to be set for the extension.
      */
     public HoldInstructionExtension(String oidStr)
@@ -154,7 +154,7 @@ public class HoldInstructionExtension extends Extension
     /**
      * Create a HoldInstructionExtension with the date.
      * The criticality is set to false.
-     * 
+     *
      * @param oid the value to be set for the extension.
      */
     public HoldInstructionExtension(ObjectIdentifier oid)
@@ -170,7 +170,7 @@ public class HoldInstructionExtension extends Extension
     /**
      * Create a HoldInstructionExtension with the date.
      * The criticality is set to false.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param code the value to be set for the extension.
      */
@@ -187,7 +187,7 @@ public class HoldInstructionExtension extends Extension
     /**
      * Create a HoldInstructionExtension with the date.
      * The criticality is set to false.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param oidStr the value to be set for the extension.
      */
@@ -205,7 +205,7 @@ public class HoldInstructionExtension extends Extension
     /**
      * Create a HoldInstructionExtension with the date.
      * The criticality is set to false.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param oid the value to be set for the extension.
      */
@@ -221,7 +221,7 @@ public class HoldInstructionExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value of the same.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -309,7 +309,7 @@ public class HoldInstructionExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -319,7 +319,7 @@ public class HoldInstructionExtension extends Extension
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/IA5StringConverter.java b/base/util/src/netscape/security/x509/IA5StringConverter.java
index eced75a58..f01d090d1 100644
--- a/base/util/src/netscape/security/x509/IA5StringConverter.java
+++ b/base/util/src/netscape/security/x509/IA5StringConverter.java
@@ -29,16 +29,16 @@ import netscape.security.util.DerValue;
 /**
  * A AVAValueConverter that converts a IA5String attribute to a DerValue
  * and vice versa. An example an attribute that is a IA5String string is "E".
- * 
+ *
  * @see AVAValueConverter
- * 
+ *
  * @author Lily Hsiao, Slava Galperin at Netscape Communications, Inc.
  */
 
 public class IA5StringConverter implements AVAValueConverter {
-    // public constructors 
+    // public constructors
 
-    /* 
+    /*
      * Contructs a IA5String Converter.
      */
     public IA5StringConverter() {
@@ -46,11 +46,11 @@ public class IA5StringConverter implements AVAValueConverter {
 
     /*
      * Converts a string with ASN.1 IA5String characters to a DerValue.
-     * 
+     *
      * @param valueString 	a string with IA5String characters.
-     * 
-     * @return			a DerValue. 
-     * 
+     *
+     * @return			a DerValue.
+     *
      * @exception IOException	if a IA5String encoder is not
      *				available for the conversion.
      */
@@ -81,11 +81,11 @@ public class IA5StringConverter implements AVAValueConverter {
      * Checks if the BER encoded value is a IA5String.
      * NOTE only DER encoding is currently supported on for the BER
      * encoded value.
-     * 
+     *
      * @param berStream 	a byte array of the BER encoded value.
-     * 
-     * @return 			a DerValue. 
-     * 
+     *
+     * @return 			a DerValue.
+     *
      * @exception IOException   if the BER value cannot be converted
      *				to a IA5String DER value.
      */
@@ -100,9 +100,9 @@ public class IA5StringConverter implements AVAValueConverter {
     }
 
     /*
-     * Converts a DerValue of IA5String to a java string with IA5String 
-     * characters. 
-     * 
+     * Converts a DerValue of IA5String to a java string with IA5String
+     * characters.
+     *
      * @param avaValue 	a DerValue.
      *
      * @return 		a string with IA5String characters.
diff --git a/base/util/src/netscape/security/x509/IPAddressName.java b/base/util/src/netscape/security/x509/IPAddressName.java
index 75b5bc564..1270f910d 100644
--- a/base/util/src/netscape/security/x509/IPAddressName.java
+++ b/base/util/src/netscape/security/x509/IPAddressName.java
@@ -26,13 +26,13 @@ import netscape.security.util.DerValue;
 /**
  * This class implements the IPAddressName as required by the GeneralNames
  * ASN.1 object.
- * 
+ *
  * @see GeneralName
  * @see GeneralNameInterface
  * @see GeneralNames
- * 
+ *
  * @version 1.2
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  */
@@ -45,7 +45,7 @@ public class IPAddressName implements GeneralNameInterface {
 
     /**
      * Create the IPAddressName object from the passed encoded Der value.
-     * 
+     *
      * @param derValue the encoded DER IPAddressName.
      * @exception IOException on error.
      */
@@ -55,7 +55,7 @@ public class IPAddressName implements GeneralNameInterface {
 
     /**
      * Create the IPAddressName object with the specified name.
-     * 
+     *
      * @param name the IPAddressName.
      */
     public IPAddressName(byte[] address) {
@@ -72,7 +72,7 @@ public class IPAddressName implements GeneralNameInterface {
      * ip address and a string representing the netmask, with encoding
      * having ip address encoding followed by the netmask encoding.
      * This form is needed for name constraints extension.
-     * 
+     *
      * @param s the ip address in the format: n.n.n.n or x:x:x:x:x:x:x:x (RFC 1884)
      * @param netmask the netmask address in the format: n.n.n.n or x:x:x:x:x:x:x:x (RFC 1884)
      */
@@ -101,7 +101,7 @@ public class IPAddressName implements GeneralNameInterface {
     /**
      * Create the IPAddressName object with a string representing the
      * ip address.
-     * 
+     *
      * @param s the ip address in the format: n.n.n.n or x:x:x:x:x:x:x:x
      */
     public IPAddressName(String s) {
@@ -125,7 +125,7 @@ public class IPAddressName implements GeneralNameInterface {
 
     /**
      * Encode the IPAddress name into the DerOutputStream.
-     * 
+     *
      * @param out the DER stream to encode the IPAddressName to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/InvalidityDateExtension.java b/base/util/src/netscape/security/x509/InvalidityDateExtension.java
index 44c76275f..8a9730385 100755
--- a/base/util/src/netscape/security/x509/InvalidityDateExtension.java
+++ b/base/util/src/netscape/security/x509/InvalidityDateExtension.java
@@ -32,12 +32,12 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the CRL Invalidity Date Extension.
- * 
+ *
  * 

  * This CRL entry extension, if present, provides the date on which it is known or suspected that the private key was
  * compromised or that the certificate otherwise became invalid. Invalidity date may be earlier than the revocation
  * date.
- * 
+ *
  * @see Extension
  * @see CertAttrSet
  */
@@ -82,7 +82,7 @@ public class InvalidityDateExtension extends Extension
     /**
      * Create a InvalidityDateExtension with the date.
      * The criticality is set to false.
-     * 
+     *
      * @param dateOfInvalidity the value to be set for the extension.
      */
     public InvalidityDateExtension(Date dateOfInvalidity)
@@ -96,7 +96,7 @@ public class InvalidityDateExtension extends Extension
     /**
      * Create a InvalidityDateExtension with the date.
      * The criticality is set to false.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param dateOfInvalidity the value to be set for the extension.
      */
@@ -110,7 +110,7 @@ public class InvalidityDateExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value of the same.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -196,7 +196,7 @@ public class InvalidityDateExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -206,7 +206,7 @@ public class InvalidityDateExtension extends Extension
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/IssuerAlternativeNameExtension.java b/base/util/src/netscape/security/x509/IssuerAlternativeNameExtension.java
index df0289f9e..62b3ecf94 100644
--- a/base/util/src/netscape/security/x509/IssuerAlternativeNameExtension.java
+++ b/base/util/src/netscape/security/x509/IssuerAlternativeNameExtension.java
@@ -29,15 +29,15 @@ import netscape.security.util.DerValue;
 
 /**
  * This represents the Issuer Alternative Name Extension.
- * 
+ *
  * This extension, if present, allows the issuer to specify multiple
  * alternative names.
- * 
+ *
  * 

  * Extensions are represented as a sequence of the extension identifier (Object Identifier), a boolean flag stating
  * whether the extension is to be treated as being critical and the extension value itself (this is again a DER encoding
  * of the extension value).
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.7
@@ -78,7 +78,7 @@ public class IssuerAlternativeNameExtension
 
     /**
      * Create a IssuerAlternativeNameExtension with the passed GeneralNames.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param names the GeneralNames for the issuer.
      * @exception IOException on error.
@@ -93,7 +93,7 @@ public class IssuerAlternativeNameExtension
 
     /**
      * Create a IssuerAlternativeNameExtension with the passed GeneralNames.
-     * 
+     *
      * @param names the GeneralNames for the issuer.
      * @exception IOException on error.
      */
@@ -116,7 +116,7 @@ public class IssuerAlternativeNameExtension
 
     /**
      * Create the extension from the passed DER encoded value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -154,7 +154,7 @@ public class IssuerAlternativeNameExtension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -164,7 +164,7 @@ public class IssuerAlternativeNameExtension
 
     /**
      * Write the extension to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding error.
      */
diff --git a/base/util/src/netscape/security/x509/IssuingDistributionPoint.java b/base/util/src/netscape/security/x509/IssuingDistributionPoint.java
index 0f0747f84..504587bf4 100644
--- a/base/util/src/netscape/security/x509/IssuingDistributionPoint.java
+++ b/base/util/src/netscape/security/x509/IssuingDistributionPoint.java
@@ -42,11 +42,11 @@ import org.mozilla.jss.asn1.Tag;
  *         onlyContainsCACerts     [2] BOOLEAN DEFAULT FALSE,
  *         onlySomeReasons         [3] ReasonFlags OPTIONAL,
  *         indirectCRL             [4] BOOLEAN DEFAULT FALSE }
- * 
+ *
  * DistributionPointName ::= CHOICE {
  *         fullName                [0]     GeneralNames,
  *         nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
- * 
+ *
  * ReasonFlags ::= BIT STRING {
  *         unused                  (0),
  *         keyCompromise           (1),
@@ -55,9 +55,9 @@ import org.mozilla.jss.asn1.Tag;
  *         superseded              (4),
  *         cessationOfOperation    (5),
  *         certificateHold         (6) }
- * 
+ *
  * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- * 
+ *
  * GeneralName ::= CHOICE {
  *         otherName                       [0]     OtherName,
  *         rfc822Name                      [1]     IA5String,
@@ -68,27 +68,27 @@ import org.mozilla.jss.asn1.Tag;
  *         uniformResourceIdentifier       [6]     IA5String,
  *         iPAddress                       [7]     OCTET STRING,
  *         registeredID                    [8]     OBJECT IDENTIFIER}
- * 
+ *
  * OtherName ::= SEQUENCE {
  *         type-id    OBJECT IDENTIFIER,
  *         value      [0] EXPLICIT ANY DEFINED BY type-id }
- * 
+ *
  * EDIPartyName ::= SEQUENCE {
  *         nameAssigner            [0]     DirectoryString OPTIONAL,
  *         partyName               [1]     DirectoryString }
- * 
+ *
  * RelativeDistinguishedName ::=
  *         SET OF AttributeTypeAndValue
- * 
+ *
  * AttributeTypeAndValue ::= SEQUENCE {
  *         type     AttributeType,
  *         value    AttributeValue }
- * 
+ *
  * AttributeType ::= OBJECT IDENTIFIER
- * 
+ *
  * AttributeValue ::= ANY DEFINED BY AttributeType
  * 

- * 
+ *
  * See the documentation in CRLDistributionPoint for
  * the DistributionPointName and ReasonFlags ASN.1 types.
  */
@@ -126,7 +126,7 @@ public class IssuingDistributionPoint implements ASN1Value {
      * If it is set to a non-null value, relativeName will be
      * set to null, because at most one of these two attributes
      * can be specified at a time.
-     * 
+     *
      * @exception GeneralNamesException If an error occurs encoding the
      *                name.
      */
diff --git a/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java b/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java
index d5f5100bf..bcbaa2e3d 100644
--- a/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java
+++ b/base/util/src/netscape/security/x509/IssuingDistributionPointExtension.java
@@ -35,7 +35,7 @@ import org.mozilla.jss.asn1.ASN1Util;
 /**
  * A critical CRL extension that identifies the CRL distribution point
  * for a particular CRL
- * 
+ *
  * 
  * issuingDistributionPoint ::= SEQUENCE {
  *         distributionPoint       [0] DistributionPointName OPTIONAL,
@@ -43,11 +43,11 @@ import org.mozilla.jss.asn1.ASN1Util;
  *         onlyContainsCACerts     [2] BOOLEAN DEFAULT FALSE,
  *         onlySomeReasons         [3] ReasonFlags OPTIONAL,
  *         indirectCRL             [4] BOOLEAN DEFAULT FALSE }
- * 
+ *
  * DistributionPointName ::= CHOICE {
  *         fullName                [0]     GeneralNames,
  *         nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
- * 
+ *
  * ReasonFlags ::= BIT STRING {
  *         unused                  (0),
  *         keyCompromise           (1),
@@ -56,9 +56,9 @@ import org.mozilla.jss.asn1.ASN1Util;
  *         superseded              (4),
  *         cessationOfOperation    (5),
  *         certificateHold         (6) }
- * 
+ *
  * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- * 
+ *
  * GeneralName ::= CHOICE {
  *         otherName                       [0]     OtherName,
  *         rfc822Name                      [1]     IA5String,
@@ -69,24 +69,24 @@ import org.mozilla.jss.asn1.ASN1Util;
  *         uniformResourceIdentifier       [6]     IA5String,
  *         iPAddress                       [7]     OCTET STRING,
  *         registeredID                    [8]     OBJECT IDENTIFIER}
- * 
+ *
  * OtherName ::= SEQUENCE {
  *         type-id    OBJECT IDENTIFIER,
  *         value      [0] EXPLICIT ANY DEFINED BY type-id }
- * 
+ *
  * EDIPartyName ::= SEQUENCE {
  *         nameAssigner            [0]     DirectoryString OPTIONAL,
  *         partyName               [1]     DirectoryString }
- * 
+ *
  * RelativeDistinguishedName ::=
  *         SET OF AttributeTypeAndValue
- * 
+ *
  * AttributeTypeAndValue ::= SEQUENCE {
  *         type     AttributeType,
  *         value    AttributeValue }
- * 
+ *
  * AttributeType ::= OBJECT IDENTIFIER
- * 
+ *
  * AttributeValue ::= ANY DEFINED BY AttributeType
  * 

  */
diff --git a/base/util/src/netscape/security/x509/KeyIdentifier.java b/base/util/src/netscape/security/x509/KeyIdentifier.java
index 631f6fd65..c3d16030e 100644
--- a/base/util/src/netscape/security/x509/KeyIdentifier.java
+++ b/base/util/src/netscape/security/x509/KeyIdentifier.java
@@ -24,7 +24,7 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the Key Identifier ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.4
@@ -38,7 +38,7 @@ public class KeyIdentifier implements java.io.Serializable {
 
     /**
      * Create a KeyIdentifier with the passed bit settings.
-     * 
+     *
      * @param octetString the octet string identifying the key identifier.
      */
     public KeyIdentifier(byte[] octetString) {
@@ -47,7 +47,7 @@ public class KeyIdentifier implements java.io.Serializable {
 
     /**
      * Create a KeyIdentifier from the DER encoded value.
-     * 
+     *
      * @param val the DerValue
      */
     public KeyIdentifier(DerValue val) throws IOException {
@@ -77,7 +77,7 @@ public class KeyIdentifier implements java.io.Serializable {
 
     /**
      * Write the KeyIdentifier to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException
      */
diff --git a/base/util/src/netscape/security/x509/KeyUsageExtension.java b/base/util/src/netscape/security/x509/KeyUsageExtension.java
index 56084dbcf..52cac0265 100644
--- a/base/util/src/netscape/security/x509/KeyUsageExtension.java
+++ b/base/util/src/netscape/security/x509/KeyUsageExtension.java
@@ -30,12 +30,12 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the Key Usage Extension.
- * 
+ *
  * 

  * This extension, if present, defines the purpose (e.g., encipherment, signature, certificate signing) of the key
  * contained in the certificate. The usage restriction might be employed when a multipurpose key is to be restricted
  * (e.g., when an RSA key should be used only for signing or only for key encipherment).
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.9
@@ -106,7 +106,7 @@ public class KeyUsageExtension extends Extension
 
     /**
      * Check if bit is set.
-     * 
+     *
      * @param position the position in the bit string to check.
      */
     private boolean isSet(int position) {
@@ -131,7 +131,7 @@ public class KeyUsageExtension extends Extension
     /**
      * Create a KeyUsageExtension with the passed bit settings. The criticality
      * is set to true.
-     * 
+     *
      * @param bitString the bits to be set for the extension.
      */
     public KeyUsageExtension(boolean critical, byte[] bitString) throws IOException {
@@ -153,7 +153,7 @@ public class KeyUsageExtension extends Extension
     /**
      * Create a KeyUsageExtension with the passed bit settings. The criticality
      * is set to true.
-     * 
+     *
      * @param bitString the bits to be set for the extension.
      */
     public KeyUsageExtension(boolean critical, boolean[] bitString) throws IOException {
@@ -173,7 +173,7 @@ public class KeyUsageExtension extends Extension
     /**
      * Create a KeyUsageExtension with the passed bit settings. The criticality
      * is set to true.
-     * 
+     *
      * @param bitString the bits to be set for the extension.
      */
     public KeyUsageExtension(BitArray bitString) throws IOException {
@@ -185,7 +185,7 @@ public class KeyUsageExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value of the same.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -356,7 +356,7 @@ public class KeyUsageExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -366,7 +366,7 @@ public class KeyUsageExtension extends Extension
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/LdapDNStrConverter.java b/base/util/src/netscape/security/x509/LdapDNStrConverter.java
index a8cb87813..b42ed6183 100644
--- a/base/util/src/netscape/security/x509/LdapDNStrConverter.java
+++ b/base/util/src/netscape/security/x509/LdapDNStrConverter.java
@@ -22,20 +22,20 @@ import java.io.IOException;
 /**
  * Abstract class that converts a Ldap DN String to an X500Name, RDN or AVA
  * and vice versa, except the string is a java string in unicode.
- * 
+ *
  * @author Lily Hsiao, Slava Galperin at Netscape Communications, Inc.
  */
 
 public abstract class LdapDNStrConverter {
-    // 
+    //
     // public parsing methods.
     //
 
     /**
      * Converts a Ldap DN string to a X500Name object.
-     * 
+     *
      * @param dn a Ldap DN String.
-     * 
+     *
      * @return an X500Name object for the Ldap DN String.
      */
     public abstract X500Name parseDN(String dn)
@@ -49,9 +49,9 @@ public abstract class LdapDNStrConverter {
 
     /**
      * Converts a Ldap DN string to a RDN object.
-     * 
+     *
      * @param rdn a Ldap DN String
-     * 
+     *
      * @return an RDN object.
      */
     public abstract RDN parseRDN(String rdn)
@@ -65,7 +65,7 @@ public abstract class LdapDNStrConverter {
 
     /**
      * Converts a Ldap DN string to a AVA object.
-     * 
+     *
      * @param ava a Ldap DN string.
      * @return an AVA object.
      */
@@ -84,7 +84,7 @@ public abstract class LdapDNStrConverter {
 
     /**
      * Converts a X500Name object to a Ldap dn string.
-     * 
+     *
      * @param dn an X500Name object.
      * @return a Ldap DN String.
      */
@@ -92,7 +92,7 @@ public abstract class LdapDNStrConverter {
 
     /**
      * Converts an RDN object to a Ldap dn string.
-     * 
+     *
      * @param rdn an RDN object.
      * @return a Ldap dn string.
      */
@@ -100,7 +100,7 @@ public abstract class LdapDNStrConverter {
 
     /**
      * Converts an AVA object to a Ldap dn string.
-     * 
+     *
      * @param ava An AVA object.
      * @return A Ldap dn string.
      */
@@ -114,9 +114,9 @@ public abstract class LdapDNStrConverter {
      * Gets a global default Ldap DN String converter.
      * Currently it is LdapV3DNStrConverter object using the default
      * X500NameAttrMap and accepts unknown OIDs.
-     * 
+     *
      * @see netscape.security.x509.LdapV3DNStrConverter
-     * 
+     *
      * @return The global default LdapDNStrConverter instance.
      */
     public static LdapDNStrConverter getDefault() {
@@ -125,7 +125,7 @@ public abstract class LdapDNStrConverter {
 
     /**
      * Set the global default LdapDNStrConverter object.
-     * 
+     *
      * @param defConverter A LdapDNStrConverter object to become
      *            the global default.
      */
diff --git a/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java b/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java
index 1245cc6bd..f01da74ec 100644
--- a/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java
+++ b/base/util/src/netscape/security/x509/LdapV3DNStrConverter.java
@@ -39,13 +39,13 @@ import netscape.security.util.ObjectIdentifier;
  * A converter that converts Ldap v3 DN strings as specified in
  * draft-ietf-asid-ldapv3-dn-03.txt to a X500Name, RDN or AVA and
  * vice versa.
- * 
+ *
  * @see LdapDNStrConverter
  * @see X500Name
  * @see RDN
  * @see AVA
  * @see X500NameAttrMap
- * 
+ *
  * @author Lily Hsiao, Slava Galperin at Netscape Communications, Inc.
  */
 
@@ -57,7 +57,7 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
     /**
      * Constructs a LdapV3DNStrConverter using the global default
      * X500NameAttrMap and accept OIDs not in the default X500NameAttrMap.
-     * 
+     *
      * @see X500NameAttrMap
      */
     public LdapV3DNStrConverter() {
@@ -70,7 +70,7 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
      * Constructs a LdapV3DNStrConverter using the specified X500NameAttrMap
      * and a boolean indicating whether to accept OIDs not listed in the
      * X500NameAttrMap.
-     * 
+     *
      * @param attributeMap a X500NameAttrMap
      * @param doAcceptUnknownOids whether to convert unregistered OIDs
      *            (oids not in the X500NameAttrMap)
@@ -90,7 +90,7 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
 
     /**
      * Parse a Ldap v3 DN string to a X500Name.
-     * 
+     *
      * @param dn a LDAP v3 DN String
      * @return a X500Name
      * @exception IOException if an error occurs during the conversion.
@@ -114,7 +114,7 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
 
     /**
      * Parse a Ldap v3 DN string with a RDN component to a RDN
-     * 
+     *
      * @param rdn a LDAP v3 DN String
      * @return a RDN
      * @exception IOException if an error occurs during the conversion.
@@ -138,7 +138,7 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
 
     /**
      * Parse a Ldap v3 DN string with a AVA component to a AVA.
-     * 
+     *
      * @param ava a LDAP v3 DN string
      * @return a AVA
      */
@@ -165,12 +165,12 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
 
     /**
      * Parses a Ldap DN string in a string reader to a X500Name.
-     * 
+     *
      * @param in Pushback string reader for a Ldap DN string.
      *            The pushback reader must have a pushback buffer size > 2.
-     * 
+     *
      * @return a X500Name
-     * 
+     *
      * @exception IOException if any reading or parsing error occurs.
      */
     public X500Name parseDN(PushbackReader in)
@@ -206,13 +206,13 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
      * Parses Ldap DN string with a rdn component
      * from a string reader to a RDN. The string reader will point
      * to the separator after the rdn component or -1 if at end of string.
-     * 
+     *
      * @param in Pushback string reader containing a Ldap DN string with
      *            at least one rdn component.
      *            The pushback reader must have a pushback buffer size > 2.
-     * 
+     *
      * @return RDN object of the first rdn component in the Ldap DN string.
-     * 
+     *
      * @exception IOException if any read or parse error occurs.
      */
     public RDN parseRDN(PushbackReader in)
@@ -250,11 +250,11 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
      * Parses a Ldap DN string with a AVA component
      * from a string reader to an AVA. The string reader will point
      * to the AVA separator after the ava string or -1 if end of string.
-     * 
+     *
      * @param in a Pushback reader containg a Ldap string with
      *            at least one AVA component.
      *            The Pushback reader must have a pushback buffer size > 2.
-     * 
+     *
      * @return AVA object of the first AVA component in the Ldap DN string.
      */
     public AVA parseAVA(PushbackReader in)
@@ -415,9 +415,9 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
      * from the attribute map or, if this keyword is an OID not
      * in the attribute map, create a new ObjectIdentifier for the keyword
      * if acceptUnknownOids is true.
-     * 
+     *
      * @param avaKeyword AVA keyword from a Ldap DN string.
-     * 
+     *
      * @return a ObjectIdentifier object
      * @exception IOException if the keyword is an OID not in the attribute
      *                map and acceptUnknownOids is false, or
@@ -462,12 +462,12 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
      * to a DerValue of ASN.1 type PrintableString, T61String or
      * UniversalString. A Directory String is a ASN.1 CHOICE of Printable,
      * T.61 or Universal string.
-     * 
+     *
      * @param avaValueString a attribute value from a Ldap DN string.
      * @param oid OID of the attribute.
-     * 
+     *
      * @return DerValue for the value.
-     * 
+     *
      * @exception IOException if an error occurs during conversion.
      * @see AVAValueConverter
      */
@@ -501,10 +501,10 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
      * is a legal value for the attribute.
      * 

      * NOTE: only DER encoded values are supported for the BER encoded value.
-     * 
+     *
      * @param berValue a value in BER encoding
      * @param oid ObjectIdentifier of the attribute.
-     * 
+     *
      * @return DerValue for the BER encoded value
      * @exception IOException if an error occurs during conversion.
      */
@@ -526,11 +526,11 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
 
     /**
      * Converts a X500Name object to a Ldap v3 DN string (except in unicode).
-     * 
+     *
      * @param x500name a X500Name
-     * 
+     *
      * @return a Ldap v3 DN String (except in unicode).
-     * 
+     *
      * @exception IOException if an error is encountered during conversion.
      */
     public String encodeDN(X500Name x500name)
@@ -555,11 +555,11 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
 
     /**
      * Converts a RDN to a Ldap v3 DN string (except in unicode).
-     * 
+     *
      * @param rdn a RDN
-     * 
+     *
      * @return a LDAP v3 DN string (except in unicode).
-     * 
+     *
      * @exception IOException if an error is encountered during conversion.
      */
     public String encodeRDN(RDN rdn)
@@ -582,11 +582,11 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
 
     /**
      * Converts a AVA to a Ldap v3 DN String (except in unicode).
-     * 
+     *
      * @param ava an AVA
-     * 
+     *
      * @return a Ldap v3 DN string (except in unicode).
-     * 
+     *
      * @exception IOException If an error is encountered during exception.
      */
     public String encodeAVA(AVA ava)
@@ -609,11 +609,11 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
     /**
      * Converts an OID to a attribute keyword in a Ldap v3 DN string
      * - either a keyword if known or a string of "1.2.3.4" syntax.
-     * 
+     *
      * @param oid a ObjectIdentifier
-     * 
+     *
      * @return a keyword to use in a Ldap V3 DN string.
-     * 
+     *
      * @exception IOException if an error is encountered during conversion.
      */
     public String encodeOID(ObjectIdentifier oid)
@@ -632,7 +632,7 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
      * Converts a value as a DerValue to a string in a Ldap V3 DN String.
      * If the value cannot be converted to a string it will be encoded in
      * octothorpe form.
-     * 
+     *
      * @param attrValue a value as a DerValue.
      * @param oid OID for the attribute.
      * @return a string for the value in a LDAP v3 DN String
@@ -692,7 +692,7 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
 
     /**
      * converts a raw value string to a string in Ldap V3 DN string format.
-     * 
+     *
      * @param valueStr a 'raw' value string.
      * @return a attribute value string in Ldap V3 DN string format.
      */
@@ -748,7 +748,7 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
 
     /**
      * gets the X500NameAttrMap used by the converter.
-     * 
+     *
      * @return X500NameAttrMap used by this converter.
      */
     public X500NameAttrMap getAttrMap() {
@@ -758,7 +758,7 @@ public class LdapV3DNStrConverter extends LdapDNStrConverter {
     /**
      * returns true if the converter accepts unregistered attributes i.e.
      * OIDS not in the X500NameAttrMap.
-     * 
+     *
      * @return true if converter converts attributes not in the
      *         X500NameAttrMap.
      */
diff --git a/base/util/src/netscape/security/x509/NSCCommentExtension.java b/base/util/src/netscape/security/x509/NSCCommentExtension.java
index 0912d5b0c..8bf1d6882 100644
--- a/base/util/src/netscape/security/x509/NSCCommentExtension.java
+++ b/base/util/src/netscape/security/x509/NSCCommentExtension.java
@@ -31,7 +31,7 @@ import netscape.security.util.PrettyPrintFormat;
 
 /**
  * This class defines the NSCCommentExtension
- * 
+ *
  * @author asondhi
  * @see Extension
  * @see CertAttrSet
@@ -57,7 +57,7 @@ public class NSCCommentExtension extends Extension
             new ObjectIdentifier("2.16.840.1.113730.1.13");
     public String mComment = null;
 
-    // Private data members 
+    // Private data members
     private Vector mInfos;
 
     private PrettyPrintFormat pp = new PrettyPrintFormat(":");
@@ -74,7 +74,7 @@ public class NSCCommentExtension extends Extension
 
     /**
      * Create a NSCCommentExtension with the Vector of CertificatePolicyInfo.
-     * 
+     *
      * @param infos the Vector of CertificatePolicyInfo.
      */
     public NSCCommentExtension(boolean critical, String comment) throws IOException {
@@ -95,7 +95,7 @@ public class NSCCommentExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -139,7 +139,7 @@ public class NSCCommentExtension extends Extension
 
     /**
      * Write the extension to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
@@ -156,7 +156,7 @@ public class NSCCommentExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
diff --git a/base/util/src/netscape/security/x509/NameConstraintsExtension.java b/base/util/src/netscape/security/x509/NameConstraintsExtension.java
index 948d0d8c9..018dd5074 100644
--- a/base/util/src/netscape/security/x509/NameConstraintsExtension.java
+++ b/base/util/src/netscape/security/x509/NameConstraintsExtension.java
@@ -37,7 +37,7 @@ import netscape.security.util.PrettyPrintFormat;
  * information appearing in the permitted subtrees.
  * 

  * The ASN.1 syntax for this is:
- * 
+ *
  * 
  * NameConstraints ::= SEQUENCE {
  *    permittedSubtrees [0]  GeneralSubtrees OPTIONAL,
@@ -50,7 +50,7 @@ import netscape.security.util.PrettyPrintFormat;
  *    maximum           [1]  BaseDistance OPTIONAL }
  * BaseDistance ::== INTEGER (0..MAX)
  * 

- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.10
@@ -113,7 +113,7 @@ public class NameConstraintsExtension extends Extension
      * The default constructor for this class. Either parameter
      * can be set to null to indicate it is omitted but both
      * cannot be null.
-     * 
+     *
      * @param permitted the permitted GeneralSubtrees (null for optional).
      * @param excluded the excluded GeneralSubtrees (null for optional).
      */
@@ -145,7 +145,7 @@ public class NameConstraintsExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -219,7 +219,7 @@ public class NameConstraintsExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -229,7 +229,7 @@ public class NameConstraintsExtension extends Extension
 
     /**
      * Write the extension to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/NoticeReference.java b/base/util/src/netscape/security/x509/NoticeReference.java
index 150b34f40..d4703b200 100644
--- a/base/util/src/netscape/security/x509/NoticeReference.java
+++ b/base/util/src/netscape/security/x509/NoticeReference.java
@@ -26,12 +26,12 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the NoticeReference.
- * 
+ *
  * NoticeReference ::= SEQUENCE {
  * organization DisplayText,
  * noticeNumbers SEQUENCE OF INTEGER
  * }
- * 
+ *
  * @author Thomas Kwan
  */
 public class NoticeReference {
@@ -77,7 +77,7 @@ public class NoticeReference {
 
     /**
      * Write the NoticeReference to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/OIDMap.java b/base/util/src/netscape/security/x509/OIDMap.java
index 9c732d938..41c1fa289 100644
--- a/base/util/src/netscape/security/x509/OIDMap.java
+++ b/base/util/src/netscape/security/x509/OIDMap.java
@@ -31,7 +31,7 @@ import netscape.security.util.ObjectIdentifier;
  * This class defines the mapping from OID & name to classes and vice
  * versa. Used by CertificateExtensions & PKCS10 to get the java
  * classes associated with a particular OID/name.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.12
@@ -212,7 +212,7 @@ public class OIDMap {
 
     /**
      * Add a name to lookup table.
-     * 
+     *
      * @param className the name of the fully qualified class implementing
      *            the asn object.
      * @param oid the string representation of the object identifier for
@@ -239,7 +239,7 @@ public class OIDMap {
 
     /**
      * Return user friendly name associated with the OID.
-     * 
+     *
      * @param oid the name of the object identifier to be returned.
      * @return the user friendly name or null if no name
      *         is registered for this oid.
@@ -250,7 +250,7 @@ public class OIDMap {
 
     /**
      * Return Object identifier for user friendly name.
-     * 
+     *
      * @param name the user friendly name.
      * @return the Object Identifier or null if no oid
      *         is registered for this name.
@@ -261,7 +261,7 @@ public class OIDMap {
 
     /**
      * Return the java class object associated with the user friendly name.
-     * 
+     *
      * @param name the user friendly name.
      * @exception CertificateException if class cannot be instantiated.
      */
@@ -280,7 +280,7 @@ public class OIDMap {
 
     /**
      * Return the java class object associated with the object identifier..
-     * 
+     *
      * @param oid the name of the object identifier to be returned.
      * @exception CertificateException if class cannot be instatiated.
      */
diff --git a/base/util/src/netscape/security/x509/OIDName.java b/base/util/src/netscape/security/x509/OIDName.java
index e5c1b7ac3..38ebff87d 100644
--- a/base/util/src/netscape/security/x509/OIDName.java
+++ b/base/util/src/netscape/security/x509/OIDName.java
@@ -26,7 +26,7 @@ import netscape.security.util.ObjectIdentifier;
 /**
  * This class implements the OIDName as required by the GeneralNames
  * ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.3
@@ -43,7 +43,7 @@ public class OIDName implements GeneralNameInterface {
 
     /**
      * Create the OIDName object from the passed encoded Der value.
-     * 
+     *
      * @param derValue the encoded DER OIDName.
      * @exception IOException on error.
      */
@@ -53,7 +53,7 @@ public class OIDName implements GeneralNameInterface {
 
     /**
      * Create the OIDName object with the specified name.
-     * 
+     *
      * @param name the OIDName.
      */
     public OIDName(ObjectIdentifier oid) {
@@ -73,7 +73,7 @@ public class OIDName implements GeneralNameInterface {
 
     /**
      * Encode the OID name into the DerOutputStream.
-     * 
+     *
      * @param out the DER stream to encode the OIDName to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/OtherName.java b/base/util/src/netscape/security/x509/OtherName.java
index 38d3a0af3..b2533ecbb 100644
--- a/base/util/src/netscape/security/x509/OtherName.java
+++ b/base/util/src/netscape/security/x509/OtherName.java
@@ -27,18 +27,18 @@ import netscape.security.util.ObjectIdentifier;
 /**
  * This class implements the OtherName as required by the GeneralNames
  * ASN.1 object.
- * 
+ *
  * OtherName ::= SEQUENCE {
  * type-id OBJECT IDENTIFIER,
  * value [0] EXPLICIT ANY DEFINED BY type-id
  * }
- * 
+ *
  * @see GeneralName
  * @see GeneralNameInterface
  * @see GeneralNames
- * 
+ *
  * @version 1.2
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  */
@@ -52,7 +52,7 @@ public class OtherName implements GeneralNameInterface {
 
     /**
      * Create the IPAddressName object from the passed encoded Der value.
-     * 
+     *
      * @param derValue the encoded DER IPAddressName.
      * @exception IOException on error.
      */
@@ -103,7 +103,7 @@ public class OtherName implements GeneralNameInterface {
 
     /**
      * Create the IPAddressName object with the specified name.
-     * 
+     *
      * @param name the IPAddressName.
      */
     public OtherName(byte[] data) {
@@ -126,7 +126,7 @@ public class OtherName implements GeneralNameInterface {
 
     /**
      * Encode the IPAddress name into the DerOutputStream.
-     * 
+     *
      * @param out the DER stream to encode the IPAddressName to.
      * @exception IOException on encoding errors.
      */
@@ -157,9 +157,9 @@ public class OtherName implements GeneralNameInterface {
 
         // Decode all the Attributes
         mOID = derVal.data.getOID();
-        // skip tag 
+        // skip tag
         DerValue tag = derVal.data.getDerValue();
-        // read data 
+        // read data
         DerValue data = tag.data.getDerValue();
         mData = data.toByteArray();
     }
diff --git a/base/util/src/netscape/security/x509/PKIXExtensions.java b/base/util/src/netscape/security/x509/PKIXExtensions.java
index 9946a5c57..2e35544bf 100644
--- a/base/util/src/netscape/security/x509/PKIXExtensions.java
+++ b/base/util/src/netscape/security/x509/PKIXExtensions.java
@@ -21,20 +21,20 @@ import netscape.security.util.ObjectIdentifier;
 
 /**
  * Lists all the object identifiers of the X509 extensions of the PKIX profile.
- * 
+ *
  * 

  * Extensions are addiitonal attributes which can be inserted in a X509 v3 certificate. For example a
  * "Driving License Certificate" could have the driving license number as a extension.
- * 
+ *
  * 

  * Extensions are represented as a sequence of the extension identifier (Object Identifier), a boolean flag stating
  * whether the extension is to be treated as being critical and the extension value itself (this is again a DER encoding
  * of the extension value).
- * 
+ *
  * @see Extension
- * 
+ *
  * @version 1.4
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  */
diff --git a/base/util/src/netscape/security/x509/PolicyConstraint.java b/base/util/src/netscape/security/x509/PolicyConstraint.java
index 22f9cebed..6ceecc665 100644
--- a/base/util/src/netscape/security/x509/PolicyConstraint.java
+++ b/base/util/src/netscape/security/x509/PolicyConstraint.java
@@ -26,7 +26,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the PolicyConstraint ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.4
@@ -42,7 +42,7 @@ public class PolicyConstraint {
 
     /**
      * The default constructor for this object
-     * 
+     *
      * @param set the CertificatePolicySet (null for optional).
      * @param require require explicit policy (-1 for optional).
      * @param inhibit inhibit policy mapping (-1 for optional).
@@ -55,7 +55,7 @@ public class PolicyConstraint {
 
     /**
      * Create the PolicyConstraint from the DerValue.
-     * 
+     *
      * @param val the DerValue of the PolicyConstraint.
      * @exception IOException on decoding errors.
      */
@@ -107,7 +107,7 @@ public class PolicyConstraint {
 
     /**
      * Encode the object to the output stream.
-     * 
+     *
      * @param out the DerOutputStream to encode the object to.
      */
     public void encode(DerOutputStream out) throws IOException {
diff --git a/base/util/src/netscape/security/x509/PolicyConstraintsExtension.java b/base/util/src/netscape/security/x509/PolicyConstraintsExtension.java
index 7d98b21ba..abf46e428 100644
--- a/base/util/src/netscape/security/x509/PolicyConstraintsExtension.java
+++ b/base/util/src/netscape/security/x509/PolicyConstraintsExtension.java
@@ -38,7 +38,7 @@ import netscape.security.util.DerValue;
  * a path contain an acceptable policy identifier.
  * 

  * The ASN.1 syntax for this is (IMPLICIT tagging is defined in the module definition):
- * 
+ *
  * 
  * PolicyConstraints ::= SEQUENCE {
  *     requireExplicitPolicy [0] SkipCerts OPTIONAL,
@@ -46,7 +46,7 @@ import netscape.security.util.DerValue;
  * }
  * SkipCerts ::= INTEGER (0..MAX)
  * 

- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.9
@@ -101,7 +101,7 @@ public class PolicyConstraintsExtension extends Extension
     /**
      * Create a PolicyConstraintsExtension object with criticality and
      * both require explicit policy and inhibit policy mapping.
-     * 
+     *
      * @param critical whether this extension should be critical
      * @param require require explicit policy (-1 for optional).
      * @param inhibit inhibit policy mapping (-1 for optional).
@@ -114,7 +114,7 @@ public class PolicyConstraintsExtension extends Extension
     /**
      * Create a PolicyConstraintsExtension object with both
      * require explicit policy and inhibit policy mapping.
-     * 
+     *
      * @param require require explicit policy (-1 for optional).
      * @param inhibit inhibit policy mapping (-1 for optional).
      */
@@ -134,7 +134,7 @@ public class PolicyConstraintsExtension extends Extension
 
     /**
      * Create the extension from its DER encoded value and criticality.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -200,7 +200,7 @@ public class PolicyConstraintsExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -210,7 +210,7 @@ public class PolicyConstraintsExtension extends Extension
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/PolicyMappingsExtension.java b/base/util/src/netscape/security/x509/PolicyMappingsExtension.java
index 9bdfb611b..bb782ea52 100644
--- a/base/util/src/netscape/security/x509/PolicyMappingsExtension.java
+++ b/base/util/src/netscape/security/x509/PolicyMappingsExtension.java
@@ -29,18 +29,18 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the Policy Mappings Extension.
- * 
+ *
  * This extension, if present, identifies the certificate policies considered
  * identical between the issuing and the subject CA.
  * 

  * Extensions are addiitonal attributes which can be inserted in a X509 v3 certificate. For example a
  * "Driving License Certificate" could have the driving license number as a extension.
- * 
+ *
  * 

  * Extensions are represented as a sequence of the extension identifier (Object Identifier), a boolean flag stating
  * whether the extension is to be treated as being critical and the extension value itself (this is again a DER encoding
  * of the extension value).
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.7
@@ -81,7 +81,7 @@ public class PolicyMappingsExtension extends Extension
 
     /**
      * Create a PolicyMappings with the Vector of CertificatePolicyMap.
-     * 
+     *
      * @param maps the Vector of CertificatePolicyMap.
      */
     public PolicyMappingsExtension(Vector map) throws IOException {
@@ -90,7 +90,7 @@ public class PolicyMappingsExtension extends Extension
 
     /**
      * Create a PolicyMappings with the Vector of CertificatePolicyMap.
-     * 
+     *
      * @param maps the Vector of CertificatePolicyMap.
      */
     public PolicyMappingsExtension(boolean critical, Vector map)
@@ -119,7 +119,7 @@ public class PolicyMappingsExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -162,7 +162,7 @@ public class PolicyMappingsExtension extends Extension
 
     /**
      * Write the extension to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
@@ -179,7 +179,7 @@ public class PolicyMappingsExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
diff --git a/base/util/src/netscape/security/x509/PolicyQualifierInfo.java b/base/util/src/netscape/security/x509/PolicyQualifierInfo.java
index 56d3e32c0..a676e8f62 100644
--- a/base/util/src/netscape/security/x509/PolicyQualifierInfo.java
+++ b/base/util/src/netscape/security/x509/PolicyQualifierInfo.java
@@ -25,12 +25,12 @@ import netscape.security.util.ObjectIdentifier;
 
 /**
  * Represent the PolicyQualifierInfo.
- * 
+ *
  * policyQualifierInfo ::= SEQUENCE {
  * policyQualifierId PolicyQualifierId
  * qualifier ANY DEFINED BY policyQualifierId
  * }
- * 
+ *
  * @author Thomas Kwan
  */
 public class PolicyQualifierInfo implements java.io.Serializable {
@@ -52,7 +52,7 @@ public class PolicyQualifierInfo implements java.io.Serializable {
 
     /**
      * Create a PolicyQualifierInfo
-     * 
+     *
      * @param id the ObjectIdentifier for the policy id.
      */
     public PolicyQualifierInfo(ObjectIdentifier id, Qualifier qualifier) {
@@ -62,7 +62,7 @@ public class PolicyQualifierInfo implements java.io.Serializable {
 
     /**
      * Create the object from its Der encoded value.
-     * 
+     *
      * @param val the DER encoded value for the same.
      */
     public PolicyQualifierInfo(DerValue val) throws IOException {
@@ -105,7 +105,7 @@ public class PolicyQualifierInfo implements java.io.Serializable {
 
     /**
      * Write the PolicyQualifier to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/PolicyQualifiers.java b/base/util/src/netscape/security/x509/PolicyQualifiers.java
index ee756f50a..632dc89de 100644
--- a/base/util/src/netscape/security/x509/PolicyQualifiers.java
+++ b/base/util/src/netscape/security/x509/PolicyQualifiers.java
@@ -25,9 +25,9 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the PolicyQualifiers.
- * 
+ *
  * policyQualifiers ::= SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo
- * 
+ *
  * @author Thomas Kwan
  */
 public class PolicyQualifiers implements java.io.Serializable {
@@ -40,7 +40,7 @@ public class PolicyQualifiers implements java.io.Serializable {
 
     /**
      * Create a PolicyQualifiers with the ObjectIdentifier.
-     * 
+     *
      * @param id the ObjectIdentifier for the policy id.
      */
     public PolicyQualifiers() {
@@ -48,7 +48,7 @@ public class PolicyQualifiers implements java.io.Serializable {
 
     /**
      * Create the object from its Der encoded value.
-     * 
+     *
      * @param val the DER encoded value for the same.
      */
     public PolicyQualifiers(DerValue val) throws IOException {
@@ -90,7 +90,7 @@ public class PolicyQualifiers implements java.io.Serializable {
 
     /**
      * Write the PolicyQualifiers to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/PrintableConverter.java b/base/util/src/netscape/security/x509/PrintableConverter.java
index d63696d8f..27e6ad4d2 100644
--- a/base/util/src/netscape/security/x509/PrintableConverter.java
+++ b/base/util/src/netscape/security/x509/PrintableConverter.java
@@ -29,10 +29,10 @@ import netscape.security.util.DerValue;
 /**
  * A AVAValueConverter that converts a Printable String attribute to a DerValue
  * and vice versa. An example an attribute that is a printable string is "C".
- * 
+ *
  * @see ASN1CharStrConvMap
  * @see AVAValueConverter
- * 
+ *
  * @author Lily Hsiao, Slava Galperin at Netscape Communications, Inc.
  */
 
@@ -44,11 +44,11 @@ public class PrintableConverter implements AVAValueConverter {
 
     /**
      * Converts a string with ASN.1 Printable characters to a DerValue.
-     * 
+     *
      * @param valueString a string with Printable characters.
-     * 
+     *
      * @return a DerValue.
-     * 
+     *
      * @exception IOException if a Printable encoder is not
      *                available for the conversion.
      */
@@ -78,11 +78,11 @@ public class PrintableConverter implements AVAValueConverter {
      * Converts a BER encoded value of PrintableString to a DER encoded value.
      * Checks if the BER encoded value is a PrintableString.
      * NOTE only DER encoded values are currently accepted on input.
-     * 
+     *
      * @param berStream A byte array of the BER encoded value.
-     * 
+     *
      * @return A DerValue.
-     * 
+     *
      * @exception IOException if the BER value cannot be converted to a
      *                PrintableString DER value.
      */
@@ -97,11 +97,11 @@ public class PrintableConverter implements AVAValueConverter {
     /**
      * Converts a DerValue of PrintableString to a java string with
      * PrintableString characters.
-     * 
+     *
      * @param avaValue a DerValue.
-     * 
+     *
      * @return a string with PrintableString characters.
-     * 
+     *
      * @exception IOException if the DerValue is not a PrintableString i.e.
      *                The DerValue cannot be converted to a string
      *                with PrintableString characters.
diff --git a/base/util/src/netscape/security/x509/PrivateKeyUsageExtension.java b/base/util/src/netscape/security/x509/PrivateKeyUsageExtension.java
index e3ecdb33d..5544fdb75 100644
--- a/base/util/src/netscape/security/x509/PrivateKeyUsageExtension.java
+++ b/base/util/src/netscape/security/x509/PrivateKeyUsageExtension.java
@@ -35,19 +35,19 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the Private Key Usage Extension.
- * 
+ *
  * 

  * The Private Key Usage Period extension allows the certificate issuer to specify a different validity period for the
  * private key than the certificate. This extension is intended for use with digital signature keys. This extension
  * consists of two optional components notBefore and notAfter. The private key associated with the certificate should
  * not be used to sign objects before or after the times specified by the two components, respectively.
- * 
+ *
  * 
  * PrivateKeyUsagePeriod ::= SEQUENCE {
  *     notBefore  [0]  GeneralizedTime OPTIONAL,
  *     notAfter   [1]  GeneralizedTime OPTIONAL }
  * 

- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.12
@@ -102,7 +102,7 @@ public class PrivateKeyUsageExtension extends Extension
 
     /**
      * The default constructor for PrivateKeyUsageExtension.
-     * 
+     *
      * @param notBefore the date/time before which the private key
      *            should not be used.
      * @param notAfter the date/time after which the private key
@@ -120,10 +120,10 @@ public class PrivateKeyUsageExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
-     * 
+     *
      * @exception CertificateException on certificate parsing errors.
      * @exception IOException on error.
      */
@@ -143,9 +143,9 @@ public class PrivateKeyUsageExtension extends Extension
         DerInputStream str = new DerInputStream(extValue);
         DerValue[] seq = str.getSequence(2);
 
-        // NB. this is always encoded with the IMPLICIT tag 
-        // The checks only make sense if we assume implicit tagging, 
-        // with explicit tagging the form is always constructed. 
+        // NB. this is always encoded with the IMPLICIT tag
+        // The checks only make sense if we assume implicit tagging,
+        // with explicit tagging the form is always constructed.
         for (int i = 0; i < seq.length; i++) {
             DerValue opt = seq[i];
 
@@ -201,7 +201,7 @@ public class PrivateKeyUsageExtension extends Extension
 
     /**
      * Verify that that the current time is within the validity period.
-     * 
+     *
      * @exception CertificateExpiredException if the certificate has expired.
      * @exception CertificateNotYetValidException if the certificate is not
      *                yet valid.
@@ -214,12 +214,12 @@ public class PrivateKeyUsageExtension extends Extension
 
     /**
      * Verify that that the passed time is within the validity period.
-     * 
+     *
      * @exception CertificateExpiredException if the certificate has expired
      *                with respect to the Date supplied.
      * @exception CertificateNotYetValidException if the certificate is not
      *                yet valid with respect to the Date supplied.
-     * 
+     *
      */
     public void valid(Date now)
             throws CertificateNotYetValidException, CertificateExpiredException {
@@ -240,7 +240,7 @@ public class PrivateKeyUsageExtension extends Extension
 
     /**
      * Write the extension to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
@@ -257,7 +257,7 @@ public class PrivateKeyUsageExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception CertificateException on decoding errors.
      */
@@ -267,7 +267,7 @@ public class PrivateKeyUsageExtension extends Extension
 
     /**
      * Set the attribute value.
-     * 
+     *
      * @exception CertificateException on attribute handling errors.
      */
     public void set(String name, Object obj)
@@ -288,7 +288,7 @@ public class PrivateKeyUsageExtension extends Extension
 
     /**
      * Get the attribute value.
-     * 
+     *
      * @exception CertificateException on attribute handling errors.
      */
     public Object get(String name) throws CertificateException {
@@ -304,7 +304,7 @@ public class PrivateKeyUsageExtension extends Extension
 
     /**
      * Delete the attribute value.
-     * 
+     *
      * @exception CertificateException on attribute handling errors.
      */
     public void delete(String name) throws CertificateException {
diff --git a/base/util/src/netscape/security/x509/Qualifier.java b/base/util/src/netscape/security/x509/Qualifier.java
index 7c0c7edfe..86e0e3708 100644
--- a/base/util/src/netscape/security/x509/Qualifier.java
+++ b/base/util/src/netscape/security/x509/Qualifier.java
@@ -24,12 +24,12 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the Qualifier.
- * 
+ *
  * Qualifier ::= CHOICE {
  * cPRuri CPSuri,
  * userNotice UserNotice
  * }
- * 
+ *
  * @author Thomas Kwan
  */
 public class Qualifier implements java.io.Serializable {
@@ -41,7 +41,7 @@ public class Qualifier implements java.io.Serializable {
 
     /**
      * Create a PolicyQualifierInfo
-     * 
+     *
      * @param id the ObjectIdentifier for the policy id.
      */
     public Qualifier() {
@@ -53,7 +53,7 @@ public class Qualifier implements java.io.Serializable {
 
     /**
      * Write the PolicyQualifier to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/RDN.java b/base/util/src/netscape/security/x509/RDN.java
index c5e8765a0..6a4e7e1a9 100644
--- a/base/util/src/netscape/security/x509/RDN.java
+++ b/base/util/src/netscape/security/x509/RDN.java
@@ -30,26 +30,26 @@ import netscape.security.util.ObjectIdentifier;
  * RDNs are a set of {attribute = value} assertions. Some of those
  * attributes are "distinguished" (unique w/in context). Order is
  * never relevant.
- * 
+ *
  * Some X.500 names include only a single distinguished attribute
  * per RDN. This style is currently common.
- * 
+ *
  * Note that DER-encoded RDNs sort AVAs by assertion OID ... so that
  * when we parse this data we don't have to worry about canonicalizing
  * it, but we'll need to sort them when we expose the RDN class more.
- * 
+ *
  * @see X500Name
  * @see AVA
  * @see LdapDNStrConverter
  */
 
 public class RDN {
-    // public constructors 
+    // public constructors
 
     /**
      * Constructs a RDN from a Ldap DN String with one RDN component
      * using the global default LdapDNStrConverter.
-     * 
+     *
      * @see LdapDNStrConverter
      * @param rdnString a Ldap DN string with one RDN component, e.g. as
      *            defined in RFC1779.
@@ -76,7 +76,7 @@ public class RDN {
      * using the specified Ldap DN Str converter.
      * For example, RFC1779StrConverter can be passed to parse a Ldap
      * DN string in RFC1779 format.
-     * 
+     *
      * @see LdapDNStrConverter
      * @param rdnString Ldap DN string.
      * @param ldapDNStrConverter a LdapDNStrConverter.
@@ -89,7 +89,7 @@ public class RDN {
 
     /**
      * Constructs a RDN from a DerValue.
-     * 
+     *
      * @param set Der value of a set of AVAs.
      */
     public RDN(DerValue set) throws IOException {
@@ -129,7 +129,7 @@ public class RDN {
 
     /**
      * Constructs a RDN from a Der Input Stream.
-     * 
+     *
      * @param in a Der Input Stream.
      */
     public RDN(DerInputStream in) throws IOException {
@@ -143,7 +143,7 @@ public class RDN {
 
     /**
      * Constructs a RDN from an array of AVA.
-     * 
+     *
      * @param avas a AVA Array.
      */
     public RDN(AVA avas[]) {
@@ -163,7 +163,7 @@ public class RDN {
 
     /**
      * returns an array of AVA in the RDN.
-     * 
+     *
      * @return array of AVA in this RDN.
      */
     public AVA[] getAssertion() {
@@ -172,7 +172,7 @@ public class RDN {
 
     /**
      * returns the number of AVAs in the RDN.
-     * 
+     *
      * @return number of AVAs in this RDN.
      */
     public int getAssertionLength() {
@@ -204,7 +204,7 @@ public class RDN {
     /**
      * Checks if this RDN is the same as another by comparing the AVAs
      * in the RDNs.
-     * 
+     *
      * @param other the other RDN.
      * @return true iff the other RDN is the same.
      */
@@ -234,7 +234,7 @@ public class RDN {
 
     /**
      * Encodes this RDN to a Der output stream.
-     * 
+     *
      * @param out the Der Output Stream.
      */
     public void encode(DerOutputStream out) throws IOException {
@@ -248,7 +248,7 @@ public class RDN {
 
     /**
      * returns an enumeration of AVAs that make up this RDN.
-     * 
+     *
      * @return an enumeration of AVAs that make up this RDN.
      */
     public Enumeration getAVAs() {
@@ -258,7 +258,7 @@ public class RDN {
     /**
      * Returns a Ldap DN string with one RDN component using the
      * global default LdapDNStrConverter.
-     * 
+     *
      * @see LdapDNStrConverter
      * @return the Ldap DN String of this RDN.
      * @exception IOException if an error occurs during the conversion.
@@ -271,7 +271,7 @@ public class RDN {
     /**
      * Returns a Ldap DN String with this RDN component using the specified
      * LdapDNStrConverter.
-     * 
+     *
      * @see LdapDNStrConverter
      * @param ldapDNStrConverter a LdapDNStrConverter.
      * @return a Ldap DN String.
@@ -285,7 +285,7 @@ public class RDN {
     /**
      * Returns a Ldap DN string with this RDN component using the global
      * default LdapDNStrConverter.
-     * 
+     *
      * @see LdapDNStrConverter
      * @return the Ldap DN String with this RDN component, null if an error
      *         occurs in the conversion.
diff --git a/base/util/src/netscape/security/x509/RFC1779StrConverter.java b/base/util/src/netscape/security/x509/RFC1779StrConverter.java
index 6527d0fff..e7411801c 100644
--- a/base/util/src/netscape/security/x509/RFC1779StrConverter.java
+++ b/base/util/src/netscape/security/x509/RFC1779StrConverter.java
@@ -24,17 +24,17 @@ import netscape.security.util.ObjectIdentifier;
 
 /**
  * Converts a RFC 1779 string to a X500Name, RDN or AVA object and vice versa.
- * 
+ *
  * @see LdapDNStrConverter
  * @see LdapV3DNStrConverter
- * 
+ *
  * @author Lily Hsiao, Slava Galperin at Netscape Communications, Inc.
  */
 
 public class RFC1779StrConverter extends LdapV3DNStrConverter {
     //
     // Constructors.
-    // 
+    //
 
     /**
      * Constructs a RFC1779StrConverter using the global default
@@ -47,7 +47,7 @@ public class RFC1779StrConverter extends LdapV3DNStrConverter {
     /**
      * Constructs a RFC1779StrConverter using the specified X500NameAttrMap
      * and boolean for whether to accept OIDs not in the X500NameAttrMap.
-     * 
+     *
      * @param attributeMap A X500NameAttrMap to use for this converter.
      * @param doAcceptUnknownOids Accept unregistered attributes, i.e. OIDs
      *            not in the map).
@@ -64,11 +64,11 @@ public class RFC1779StrConverter extends LdapV3DNStrConverter {
     /**
      * Converts a OID to a attribute keyword in a Ldap DN string or
      * to a "OID.1.2.3.4" string syntax as defined in RFC1779.
-     * 
+     *
      * @param oid an ObjectIdentifier.
-     * 
+     *
      * @return a attribute keyword or "OID.1.2.3.4" string.
-     * 
+     *
      * @exception IOException if an error occurs during the conversion.
      */
     public String encodeOID(ObjectIdentifier oid)
@@ -85,7 +85,7 @@ public class RFC1779StrConverter extends LdapV3DNStrConverter {
     /**
      * Converts a attribute value as a DerValue to a string in a
      * RFC1779 Ldap DN string.
-     * 
+     *
      * @param attrValue an attribute value.
      * @param oid ObjectIdentifier for the attribute.
      * @return a string in RFC1779 syntax.
diff --git a/base/util/src/netscape/security/x509/RFC822Name.java b/base/util/src/netscape/security/x509/RFC822Name.java
index 257b5c51d..8509b3766 100644
--- a/base/util/src/netscape/security/x509/RFC822Name.java
+++ b/base/util/src/netscape/security/x509/RFC822Name.java
@@ -25,7 +25,7 @@ import netscape.security.util.DerValue;
 /**
  * This class implements the RFC822Name as required by the GeneralNames
  * ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.3
@@ -42,7 +42,7 @@ public class RFC822Name implements GeneralNameInterface {
 
     /**
      * Create the RFC822Name object from the passed encoded Der value.
-     * 
+     *
      * @param derValue the encoded DER RFC822Name.
      * @exception IOException on error.
      */
@@ -52,7 +52,7 @@ public class RFC822Name implements GeneralNameInterface {
 
     /**
      * Create the RFC822Name object with the specified name.
-     * 
+     *
      * @param name the RFC822Name.
      */
     public RFC822Name(String name) {
@@ -68,7 +68,7 @@ public class RFC822Name implements GeneralNameInterface {
 
     /**
      * Encode the RFC822 name into the DerOutputStream.
-     * 
+     *
      * @param out the DER stream to encode the RFC822Name to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/ReasonFlags.java b/base/util/src/netscape/security/x509/ReasonFlags.java
index e43c7022c..b5153e108 100755
--- a/base/util/src/netscape/security/x509/ReasonFlags.java
+++ b/base/util/src/netscape/security/x509/ReasonFlags.java
@@ -28,10 +28,10 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the CRL Reason Flags.
- * 
+ *
  * 

  * This extension, if present, defines the identifies the reason for the certificate revocation.
- * 
+ *
  * @author Hemma Prafullchandra
  * @version 1.3
  * @see Extension
@@ -57,7 +57,7 @@ public class ReasonFlags {
 
     /**
      * Check if bit is set.
-     * 
+     *
      * @param position the position in the bit string to check.
      */
     private boolean isSet(int position) {
@@ -79,7 +79,7 @@ public class ReasonFlags {
 
     /**
      * Create a ReasonFlags with the passed bit settings.
-     * 
+     *
      * @param reasons the bits to be set for the ReasonFlags.
      */
     public ReasonFlags(byte[] reasons) {
@@ -88,7 +88,7 @@ public class ReasonFlags {
 
     /**
      * Create a ReasonFlags with the passed bit settings.
-     * 
+     *
      * @param reasons the bits to be set for the ReasonFlags.
      */
     public ReasonFlags(boolean[] reasons) {
@@ -97,7 +97,7 @@ public class ReasonFlags {
 
     /**
      * Create a ReasonFlags with the passed bit settings.
-     * 
+     *
      * @param reasons the bits to be set for the ReasonFlags.
      */
     public ReasonFlags(BitArray reasons) {
@@ -106,7 +106,7 @@ public class ReasonFlags {
 
     /**
      * Create the object from the passed DER encoded value.
-     * 
+     *
      * @param in the DerInputStream to read the ReasonFlags from.
      * @exception IOException on decoding errors.
      */
@@ -117,7 +117,7 @@ public class ReasonFlags {
 
     /**
      * Create the object from the passed DER encoded value.
-     * 
+     *
      * @param derVal the DerValue decoded from the stream.
      * @exception IOException on decoding errors.
      */
@@ -254,7 +254,7 @@ public class ReasonFlags {
 
     /**
      * Write the extension to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/RevocationReason.java b/base/util/src/netscape/security/x509/RevocationReason.java
index 419eb1772..cbd7fe73d 100644
--- a/base/util/src/netscape/security/x509/RevocationReason.java
+++ b/base/util/src/netscape/security/x509/RevocationReason.java
@@ -19,8 +19,8 @@ package netscape.security.x509;
 
 /**
  * Represent the enumerated type used in CRLReason Extension of CRL entry.
- * 
- * 
+ *
+ *
  * @author galperin
  * @version $Revision$, $Date$
  */
@@ -45,7 +45,7 @@ public final class RevocationReason {
 
     /**
      * Create a RevocationReason with the passed integer value.
-     * 
+     *
      * @param reason integer value of the enumeration alternative.
      */
     private RevocationReason(int reason) {
diff --git a/base/util/src/netscape/security/x509/RevokedCertImpl.java b/base/util/src/netscape/security/x509/RevokedCertImpl.java
index 345694fb1..45aa78920 100755
--- a/base/util/src/netscape/security/x509/RevokedCertImpl.java
+++ b/base/util/src/netscape/security/x509/RevokedCertImpl.java
@@ -39,7 +39,7 @@ import netscape.security.util.ObjectIdentifier;
  * 

  * Abstract class for a revoked certificate in a CRL. This class is for each entry in the
  * revokedCertificates, so it deals with the inner SEQUENCE. The ASN.1 definition for this is:
- * 
+ *
  * 
  * revokedCertificates    SEQUENCE OF SEQUENCE  {
  *     userCertificate    CertificateSerialNumber,
@@ -47,11 +47,11 @@ import netscape.security.util.ObjectIdentifier;
  *     crlEntryExtensions Extensions OPTIONAL
  *                        -- if present, must be v2
  * }  OPTIONAL
- * 
+ *
  * CertificateSerialNumber  ::=  INTEGER
- * 
+ *
  * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
- * 
+ *
  * Extension  ::=  SEQUENCE  {
  *     extnId        OBJECT IDENTIFIER,
  *     critical      BOOLEAN DEFAULT FALSE,
@@ -61,7 +61,7 @@ import netscape.security.util.ObjectIdentifier;
  *                   -- the extnId object identifier value
  * }
  * 

- * 
+ *
  * @author Hemma Prafullchandra
  * @version 1.6 97/12/10
  */
@@ -88,7 +88,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
     /**
      * Constructs a revoked certificate entry using the serial number and
      * revocation date.
-     * 
+     *
      * @param num
      *            the serial number of the revoked certificate.
      * @param date
@@ -102,7 +102,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
     /**
      * Constructs a revoked certificate entry using the serial number,
      * revocation date and the entry extensions.
-     * 
+     *
      * @param num
      *            the serial number of the revoked certificate.
      * @param date
@@ -137,7 +137,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
 
     /**
      * Sets extensions for this impl.
-     * 
+     *
      * @param crlEntryExts
      *            CRLExtensions
      */
@@ -147,7 +147,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
 
     /**
      * Unmarshals a revoked certificate from its encoded form.
-     * 
+     *
      * @param revokedCert
      *            the encoded bytes.
      * @exception CRLException
@@ -167,7 +167,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
 
     /**
      * Unmarshals a revoked certificate from its encoded form.
-     * 
+     *
      * @param derValue
      *            the DER value containing the revoked certificate.
      * @exception CRLException
@@ -183,7 +183,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
     /**
      * Returns true if this revoked certificate entry has extensions, otherwise
      * false.
-     * 
+     *
      * @return true if this CRL entry has extensions, otherwise false.
      */
     public boolean hasExtensions() {
@@ -195,7 +195,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
 
     /**
      * Decode a revoked certificate from an input stream.
-     * 
+     *
      * @param inStrm
      *            an input stream holding at least one revoked certificate
      * @exception CRLException
@@ -215,7 +215,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
 
     /**
      * Encodes the revoked certificate to an output stream.
-     * 
+     *
      * @param outStrm
      *            an output stream to which the encoded revoked certificate is
      *            written.
@@ -251,7 +251,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
 
     /**
      * Gets the serial number for this RevokedCertificate, the userCertificate.
-     * 
+     *
      * @return the serial number.
      */
     public BigInteger getSerialNumber() {
@@ -260,7 +260,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
 
     /**
      * Gets the revocation date for this RevokedCertificate, the revocationDate.
-     * 
+     *
      * @return the revocation date.
      */
     public Date getRevocationDate() {
@@ -269,7 +269,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
 
     /**
      * Returns extensions for this impl.
-     * 
+     *
      * @return the CRLExtensions
      */
     public CRLExtensions getExtensions() {
@@ -278,7 +278,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
 
     /**
      * Returns a printable string of this revoked certificate.
-     * 
+     *
      * @return value of this revoked certificate in a printable form.
      */
     public String toString() {
@@ -299,7 +299,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
     /**
      * Gets a Set of the extension(s) marked CRITICAL in the
      * RevokedCertificate by OID strings.
-     * 
+     *
      * @return a set of the extension oid strings in the
      *         Object that are marked critical.
      */
@@ -319,7 +319,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
     /**
      * Gets a Set of the extension(s) marked NON-CRITICAL in the
      * RevokedCertificate by OID strings.
-     * 
+     *
      * @return a set of the extension oid strings in the
      *         Object that are marked critical.
      */
@@ -344,7 +344,7 @@ public class RevokedCertImpl extends RevokedCertificate implements Serializable
      * by ".", that means,

      * <positive whole number>.<positive whole number>.<positive
      * whole number>.<...>
-     * 
+     *
      * @param oid the Object Identifier value for the extension.
      * @return the DER encoded octet string of the extension value.
      */
diff --git a/base/util/src/netscape/security/x509/RevokedCertificate.java b/base/util/src/netscape/security/x509/RevokedCertificate.java
index 2087d064a..a4f6e9cab 100644
--- a/base/util/src/netscape/security/x509/RevokedCertificate.java
+++ b/base/util/src/netscape/security/x509/RevokedCertificate.java
@@ -25,9 +25,9 @@ import java.util.Date;
 /**
  * 

  * Abstract class for a revoked certificate in a CRL (Certificate Revocation List).
- * 
+ *
  * The ASN.1 definition for revokedCertificates is:
- * 
+ *
  * 
  *  revokedCertificates    SEQUENCE OF SEQUENCE  {
  *      userCertificate    CertificateSerialNumber,
@@ -49,9 +49,9 @@ import java.util.Date;
  *                    -- the extnId object identifier value
  *  }
  * 

- * 
+ *
  * @see X509CRL
- * 
+ *
  * @author Hemma Prafullchandra
  * @version 1.4 97/12/10
  */
@@ -62,7 +62,7 @@ public abstract class RevokedCertificate extends X509CRLEntry {
     /**
      * Gets the serial number for this RevokedCertificate,
      * the userCertificate.
-     * 
+     *
      * @return the serial number.
      */
     public abstract BigInteger getSerialNumber();
@@ -70,7 +70,7 @@ public abstract class RevokedCertificate extends X509CRLEntry {
     /**
      * Gets the revocation date for this RevokedCertificate,
      * the revocationDate.
-     * 
+     *
      * @return the revocation date.
      */
     public abstract Date getRevocationDate();
@@ -78,14 +78,14 @@ public abstract class RevokedCertificate extends X509CRLEntry {
     /**
      * Returns true if this revoked certificate entry has
      * extensions.
-     * 
+     *
      * @return true if this entry has extensions, false otherwise.
      */
     public abstract boolean hasExtensions();
 
     /**
      * Returns a string representation of this revoked certificate.
-     * 
+     *
      * @return a string representation of this revoked certificate.
      */
     public abstract String toString();
diff --git a/base/util/src/netscape/security/x509/SerialNumber.java b/base/util/src/netscape/security/x509/SerialNumber.java
index a2d7109c0..eee2f8169 100644
--- a/base/util/src/netscape/security/x509/SerialNumber.java
+++ b/base/util/src/netscape/security/x509/SerialNumber.java
@@ -28,7 +28,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the SerialNumber class used by certificates.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.5
@@ -46,7 +46,7 @@ public class SerialNumber {
 
     /**
      * The default constructor for this class using BigInteger.
-     * 
+     *
      * @param num the BigInteger number used to create the serial number.
      */
     public SerialNumber(BigInteger num) {
@@ -59,7 +59,7 @@ public class SerialNumber {
 
     /**
      * The default constructor for this class using int.
-     * 
+     *
      * @param num the BigInteger number used to create the serial number.
      */
     public SerialNumber(int num) {
@@ -68,7 +68,7 @@ public class SerialNumber {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the SerialNumber from.
      * @exception IOException on decoding errors.
      */
@@ -79,7 +79,7 @@ public class SerialNumber {
 
     /**
      * Create the object, decoding the values from the passed DerValue.
-     * 
+     *
      * @param val the DerValue to read the SerialNumber from.
      * @exception IOException on decoding errors.
      */
@@ -89,7 +89,7 @@ public class SerialNumber {
 
     /**
      * Create the object, decoding the values from the passed stream.
-     * 
+     *
      * @param in the InputStream to read the SerialNumber from.
      * @exception IOException on decoding errors.
      */
@@ -107,7 +107,7 @@ public class SerialNumber {
 
     /**
      * Encode the SerialNumber in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/SubjectAlternativeNameExtension.java b/base/util/src/netscape/security/x509/SubjectAlternativeNameExtension.java
index c30ae1576..cdeff8f65 100644
--- a/base/util/src/netscape/security/x509/SubjectAlternativeNameExtension.java
+++ b/base/util/src/netscape/security/x509/SubjectAlternativeNameExtension.java
@@ -29,22 +29,22 @@ import netscape.security.util.DerValue;
 
 /**
  * This represents the Subject Alternative Name Extension.
- * 
+ *
  * This extension, if present, allows the subject to specify multiple
  * alternative names.
- * 
+ *
  * 

  * Extensions are represented as a sequence of the extension identifier (Object Identifier), a boolean flag stating
  * whether the extension is to be treated as being critical and the extension value itself (this is again a DER encoding
  * of the extension value).
  * 

  * The ASN.1 syntax for this is:
- * 
+ *
  * 
  * SubjectAltName ::= GeneralNames
  * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
  * 

- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.9
@@ -85,7 +85,7 @@ public class SubjectAlternativeNameExtension extends Extension
 
     /**
      * Create a SubjectAlternativeNameExtension with the passed GeneralNames.
-     * 
+     *
      * @param names the GeneralNames for the subject.
      * @exception IOException on error.
      */
@@ -116,7 +116,7 @@ public class SubjectAlternativeNameExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -156,7 +156,7 @@ public class SubjectAlternativeNameExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -166,7 +166,7 @@ public class SubjectAlternativeNameExtension extends Extension
 
     /**
      * Write the extension to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/SubjectDirAttributesExtension.java b/base/util/src/netscape/security/x509/SubjectDirAttributesExtension.java
index b249ef600..3414b81c6 100644
--- a/base/util/src/netscape/security/x509/SubjectDirAttributesExtension.java
+++ b/base/util/src/netscape/security/x509/SubjectDirAttributesExtension.java
@@ -29,30 +29,30 @@ import netscape.security.util.DerValue;
 
 /**
  * This class represents the Subject Directory Attributes Extension.
- * 
+ *
  * 

  * The subject directory attributes extension is not recommended as an essential part of this profile, but it may be
  * used in local environments. This extension MUST be non-critical.
- * 
+ *
  * 
  * The ASN.1 syntax for this extension is:
- * 
+ *
  *    SubjectDirectoryAttributes ::= SEQUENCE (1..MAX) OF Attribute
- * 
+ *
  *    Attribute	::= SEQUENCE {
  * type		AttributeType,
  * 	value		SET OF AttributeValue
  *              	-- at least one value is required --}
- * 
+ *
  *    AttributeType	::= OBJECT IDENTIFIER
- * 
+ *
  *    AttributeValue	::= ANY
- * 
+ *
  * 

- * 
+ *
  * @author Christine Ho
  * @version 1.7
- * 
+ *
  * @see CertAttrSet
  * @see Extension
  */
@@ -118,7 +118,7 @@ public class SubjectDirAttributesExtension extends Extension
 
     /**
      * Default constructor for this object.
-     * 
+     *
      * @param derVal Der encoded value of this extension
      */
     public SubjectDirAttributesExtension(DerValue derVal) throws IOException {
@@ -130,7 +130,7 @@ public class SubjectDirAttributesExtension extends Extension
 
     /**
      * Default constructor for this object.
-     * 
+     *
      * @param list Attribute object list
      */
     public SubjectDirAttributesExtension(Attribute[] list) throws IOException {
@@ -151,7 +151,7 @@ public class SubjectDirAttributesExtension extends Extension
 
     /**
      * Constructor from parsing extension
-     * 
+     *
      * @param list Attribute object list
      */
     public SubjectDirAttributesExtension(Boolean crit, Object value)
@@ -172,7 +172,7 @@ public class SubjectDirAttributesExtension extends Extension
 
     /**
      * Constructor for this object.
-     * 
+     *
      * @param list Attribute object list
      * @param critical The criticality
      */
@@ -210,7 +210,7 @@ public class SubjectDirAttributesExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
@@ -221,7 +221,7 @@ public class SubjectDirAttributesExtension extends Extension
 
     /**
      * Encode this extension value to the output stream.
-     * 
+     *
      * @param out the DerOutputStream to encode the extension to.
      */
     public void encode(OutputStream out) throws IOException {
diff --git a/base/util/src/netscape/security/x509/SubjectKeyIdentifierExtension.java b/base/util/src/netscape/security/x509/SubjectKeyIdentifierExtension.java
index ea0ebae82..68ff9555f 100644
--- a/base/util/src/netscape/security/x509/SubjectKeyIdentifierExtension.java
+++ b/base/util/src/netscape/security/x509/SubjectKeyIdentifierExtension.java
@@ -29,20 +29,20 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the Subject Key Identifier Extension.
- * 
+ *
  * This extension, if present, provides a means of identifying the particular
  * public key used in an application. This extension by default is marked
  * non-critical.
- * 
+ *
  * 

  * Extensions are addiitonal attributes which can be inserted in a X509 v3 certificate. For example a
  * "Driving License Certificate" could have the driving license number as a extension.
- * 
+ *
  * 

  * Extensions are represented as a sequence of the extension identifier (Object Identifier), a boolean flag stating
  * whether the extension is to be treated as being critical and the extension value itself (this is again a DER encoding
  * of the extension value).
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.7
@@ -80,7 +80,7 @@ public class SubjectKeyIdentifierExtension extends Extension
     /**
      * Create a SubjectKeyIdentifierExtension with the passed octet string.
      * The criticality is set to False.
-     * 
+     *
      * @param octetString the octet string identifying the key identifier.
      */
     public SubjectKeyIdentifierExtension(boolean critical, byte[] octetString)
@@ -103,7 +103,7 @@ public class SubjectKeyIdentifierExtension extends Extension
 
     /**
      * Create the extension from the passed DER encoded value.
-     * 
+     *
      * @param critical true if the extension is to be treated as critical.
      * @param value Array of DER encoded bytes of the actual value.
      * @exception IOException on error.
@@ -136,7 +136,7 @@ public class SubjectKeyIdentifierExtension extends Extension
 
     /**
      * Write the extension to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write the extension to.
      * @exception IOException on encoding errors.
      */
@@ -153,7 +153,7 @@ public class SubjectKeyIdentifierExtension extends Extension
 
     /**
      * Decode the extension from the InputStream.
-     * 
+     *
      * @param in the InputStream to unmarshal the contents from.
      * @exception IOException on decoding or validity errors.
      */
diff --git a/base/util/src/netscape/security/x509/URIName.java b/base/util/src/netscape/security/x509/URIName.java
index cc321a3b3..539ad249c 100644
--- a/base/util/src/netscape/security/x509/URIName.java
+++ b/base/util/src/netscape/security/x509/URIName.java
@@ -25,7 +25,7 @@ import netscape.security.util.DerValue;
 /**
  * This class implements the URIName as required by the GeneralNames
  * ASN.1 object.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.3
@@ -42,7 +42,7 @@ public class URIName implements GeneralNameInterface {
 
     /**
      * Create the URIName object from the passed encoded Der value.
-     * 
+     *
      * @param derValue the encoded DER URIName.
      * @exception IOException on error.
      */
@@ -52,7 +52,7 @@ public class URIName implements GeneralNameInterface {
 
     /**
      * Create the URIName object with the specified name.
-     * 
+     *
      * @param name the URIName.
      */
     public URIName(String name) {
@@ -68,7 +68,7 @@ public class URIName implements GeneralNameInterface {
 
     /**
      * Encode the URI name into the DerOutputStream.
-     * 
+     *
      * @param out the DER stream to encode the URIName to.
      * @exception IOException on encoding errors.
      */
diff --git a/base/util/src/netscape/security/x509/UniqueIdentity.java b/base/util/src/netscape/security/x509/UniqueIdentity.java
index 5113efeaf..c5a0e1d00 100644
--- a/base/util/src/netscape/security/x509/UniqueIdentity.java
+++ b/base/util/src/netscape/security/x509/UniqueIdentity.java
@@ -26,7 +26,7 @@ import netscape.security.util.DerValue;
 
 /**
  * This class defines the UniqueIdentity class used by certificates.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.6
@@ -37,7 +37,7 @@ public class UniqueIdentity {
 
     /**
      * The default constructor for this class.
-     * 
+     *
      * @param id the byte array containing the unique identifier.
      */
     public UniqueIdentity(BitArray id) {
@@ -46,7 +46,7 @@ public class UniqueIdentity {
 
     /**
      * The default constructor for this class.
-     * 
+     *
      * @param id the byte array containing the unique identifier.
      */
     public UniqueIdentity(byte[] id) {
@@ -55,7 +55,7 @@ public class UniqueIdentity {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param in the DerInputStream to read the UniqueIdentity from.
      * @exception IOException on decoding errors.
      */
@@ -66,7 +66,7 @@ public class UniqueIdentity {
 
     /**
      * Create the object, decoding the values from the passed DER stream.
-     * 
+     *
      * @param derVal the DerValue decoded from the stream.
      * @param tag the tag the value is encoded under.
      * @exception IOException on decoding errors.
@@ -84,7 +84,7 @@ public class UniqueIdentity {
 
     /**
      * Encode the UniqueIdentity in DER form to the stream.
-     * 
+     *
      * @param out the DerOutputStream to marshal the contents to.
      * @param tag enocode it under the following tag.
      * @exception IOException on errors.
diff --git a/base/util/src/netscape/security/x509/UserNotice.java b/base/util/src/netscape/security/x509/UserNotice.java
index dc2e1d535..9be215b94 100644
--- a/base/util/src/netscape/security/x509/UserNotice.java
+++ b/base/util/src/netscape/security/x509/UserNotice.java
@@ -24,12 +24,12 @@ import netscape.security.util.DerValue;
 
 /**
  * Represent the UserNotice Qualifier.
- * 
+ *
  * UserNotice ::= SEQUENCE {
  * noticeRef NoticeReference OPTIONAL,
  * explicitText DisplayText OPTIONAL
  * }
- * 
+ *
  * @author Thomas Kwan
  */
 public class UserNotice extends Qualifier {
@@ -76,7 +76,7 @@ public class UserNotice extends Qualifier {
 
     /**
      * Write the UserNotice to the DerOutputStream.
-     * 
+     *
      * @param out the DerOutputStream to write the object to.
      * @exception IOException on errors.
      */
diff --git a/base/util/src/netscape/security/x509/X500Name.java b/base/util/src/netscape/security/x509/X500Name.java
index d44003baa..abffbe7b1 100644
--- a/base/util/src/netscape/security/x509/X500Name.java
+++ b/base/util/src/netscape/security/x509/X500Name.java
@@ -32,14 +32,14 @@ import netscape.security.util.ObjectIdentifier;
  * identified by X.509 certificates. They are world-wide, hierarchical,
  * and descriptive. Entities can be identified by attributes, and in
  * some systems can be searched for according to those attributes.
- * 
+ *
  * 

  * This class exposes only partial X.500 name functionality.  Most
  * notably, it works best if Relative Distinguished Names only have one
  * (unique) attribute each, and if only the most common attributes need
  * to be visible to applications.  This limitation, and others, will
  * be lifted over time.
- * 
+ *
  * @author David Brownell
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
@@ -63,7 +63,7 @@ public class X500Name implements Principal, GeneralNameInterface {
      * as &lb;CN=Dave, OU=JavaSoft, O=Sun Microsystems, C=US&rb;. The
      * older "/C=US/O=Sun Microsystems, Inc/OU=JavaSoft/CN=Dave" syntax
      * is not currently supported. (The former is RFC 1779 style.)
-     * 
+     *
      * @param ldapDNString a Ldap DN String e.g. as defined in RFC1779
      */
     public X500Name(String ldapDNString)
@@ -81,9 +81,9 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Constructs a X500Name from a Ldap DN String using the specified
      * LdapDNStrConverter. Also use the input tags.
-     * 
+     *
      * @see LdapDNStrConverter
-     * 
+     *
      * @param ldapDNString a Ldap DN String e.g. as defined in RFC1779.
      * @param ldapDNStrConverter A LdapDNStrConverter
      */
@@ -114,9 +114,9 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Constructs a X500Name from a Ldap DN String using the specified
      * LdapDNStrConverter.
-     * 
+     *
      * @see LdapDNStrConverter
-     * 
+     *
      * @param ldapDNString a Ldap DN String e.g. as defined in RFC1779.
      * @param ldapDNStrConverter A LdapDNStrConverter
      */
@@ -135,7 +135,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Constructs a X500Name from fields common in enterprise application
      * environments.
-     * 
+     *
      * @param commonName common name of a person, e.g. "Vivette Davis"
      * @param organizationUnit small organization name, e.g. "Purchasing"
      * @param organizationName large organization name, e.g. "Onizuka, Inc."
@@ -176,7 +176,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Constructs a X500Name from fields common in Internet application
      * environments.
-     * 
+     *
      * @param commonName common name of a person, e.g. "Vivette Davis"
      * @param organizationUnit small organization name, e.g. "Purchasing"
      * @param organizationName large organization name, e.g. "Onizuka, Inc."
@@ -229,7 +229,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Constructs a name from an ASN.1 encoded value. The encoding
      * of the name in the stream uses DER (a BER/1 subset).
-     * 
+     *
      * @param value a DER-encoded value holding an X.500 name.
      */
     public X500Name(DerValue value) throws IOException {
@@ -240,7 +240,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Constructs a name from an ASN.1 encoded input stream. The encoding
      * of the name in the stream uses DER (a BER/1 subset).
-     * 
+     *
      * @param in DER-encoded data holding an X.500 name.
      */
     public X500Name(DerInputStream in)
@@ -250,7 +250,7 @@ public class X500Name implements Principal, GeneralNameInterface {
 
     /**
      * Constructs a name from an ASN.1 encoded byte array.
-     * 
+     *
      * @param name DER-encoded byte array holding an X.500 name.
      */
     public X500Name(byte[] name)
@@ -263,7 +263,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Constructs a X500Name from array of RDN. The RDNs are expected to
      * be in big endian order i.e. most significant first.
-     * 
+     *
      * @param rdns an array of RDN.
      */
     public X500Name(RDN[] rdns)
@@ -273,7 +273,7 @@ public class X500Name implements Principal, GeneralNameInterface {
 
     /**
      * convenience method.
-     * 
+     *
      * @param rdns a vector of rdns.
      */
     public X500Name(Vector rdnVector)
@@ -287,7 +287,7 @@ public class X500Name implements Principal, GeneralNameInterface {
 
     /**
      * Compares this name with another, for equality.
-     * 
+     *
      * @return true iff the names are identical.
      */
     synchronized public boolean equals(X500Name other) {
@@ -339,7 +339,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Returns a "Country" name component. If more than one
      * such attribute exists, the topmost one is returned.
-     * 
+     *
      * @return "C=" component of the name, if any.
      */
     public String getCountry() throws IOException {
@@ -351,7 +351,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Returns an "Organization" name component. If more than
      * one such attribute exists, the topmost one is returned.
-     * 
+     *
      * @return "O=" component of the name, if any.
      */
     public String getOrganization() throws IOException {
@@ -363,7 +363,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Returns an "Organizational Unit" name component. If more
      * than one such attribute exists, the topmost one is returned.
-     * 
+     *
      * @return "OU=" component of the name, if any.
      */
     public String getOrganizationalUnit() throws IOException {
@@ -375,7 +375,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Returns a "Common Name" component. If more than one such
      * attribute exists, the topmost one is returned.
-     * 
+     *
      * @return "CN=" component of the name, if any.
      */
     public String getCommonName() throws IOException {
@@ -387,7 +387,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Returns a "UID" component. If more than one such
      * attribute exists, the topmost one is returned.
-     * 
+     *
      * @return "UID=" component of the name, if any.
      */
     public String getUserID() throws IOException {
@@ -399,7 +399,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Returns a "Locality" name component. If more than one
      * such component exists, the topmost one is returned.
-     * 
+     *
      * @return "L=" component of the name, if any.
      */
     public String getLocality() throws IOException {
@@ -411,7 +411,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Returns a "State" name component. If more than one
      * such component exists, the topmost one is returned.
-     * 
+     *
      * @return "S=" component of the name, if any.
      */
     public String getState() throws IOException {
@@ -423,7 +423,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Returns a "Email" name component. If more than one
      * such component exists, the topmost one is returned.
-     * 
+     *
      * @return "E=" component of the name, if any.
      */
     public String getEmail() throws IOException {
@@ -436,7 +436,7 @@ public class X500Name implements Principal, GeneralNameInterface {
     /**
      * Returns a Ldap DN String from the X500Name using the global default
      * LdapDNStrConverter
-     * 
+     *
      * @see LdapDNStrConverter
      * @return Ldap DN string of this X500Name using the default converter.
      */
@@ -452,7 +452,7 @@ public class X500Name implements Principal, GeneralNameInterface {
      * using the specified LdapDNStrconverter.
      * For example, RFC1779String converter can be passed to convert the
      * DN to RFC1779 string syntax.
-     * 
+     *
      * @see LdapDNStrConverter
      * @param ldapDNStrConverter a LdapDNStrConverter
      * @return Ldap DN string of the X500Name
@@ -512,7 +512,7 @@ public class X500Name implements Principal, GeneralNameInterface {
 
     /**
      * Returns an enumerator of RDNs in the X500Name.
-     * 
+     *
      * @return enumeration of rdns in this X500Name.
      */
     public Enumeration getRDNs() {
@@ -521,7 +521,7 @@ public class X500Name implements Principal, GeneralNameInterface {
 
     /**
      * Returns an array of RDN in the X500Name.
-     * 
+     *
      * @return array of RDN in this X500name.
      */
     public RDN[] getNames() {
@@ -530,7 +530,7 @@ public class X500Name implements Principal, GeneralNameInterface {
 
     /**
      * Returns the number of RDNs in the X500Name.
-     * 
+     *
      * @return number of RDNs in this X500Name.
      */
     public int getNamesLength() {
@@ -560,7 +560,7 @@ public class X500Name implements Principal, GeneralNameInterface {
 
     /**
      * Encodes the name in DER-encoded form.
-     * 
+     *
      * @param out where to put the DER-encoded X.500 name
      */
     public void encode(DerOutputStream out) throws IOException {
@@ -583,7 +583,7 @@ public class X500Name implements Principal, GeneralNameInterface {
 
     /**
      * Gets the name in DER-encoded form.
-     * 
+     *
      * @return the DER encoded byte array of this name,
      *         null if no names are present.
      */
diff --git a/base/util/src/netscape/security/x509/X500NameAttrMap.java b/base/util/src/netscape/security/x509/X500NameAttrMap.java
index 1c87c79b8..8821c5e71 100644
--- a/base/util/src/netscape/security/x509/X500NameAttrMap.java
+++ b/base/util/src/netscape/security/x509/X500NameAttrMap.java
@@ -29,9 +29,9 @@ import netscape.security.util.ObjectIdentifier;
  * 2.5.4.3 and the Directory String Converter. The Directory String
  * Converter converts from a string to a DerValue with tag Printable, T.61 or
  * UniversalString.
- * 
+ *
  * @author Lily Hsiao, Slava Galperin at Netscape Communications, Inc.
- * 
+ *
  */
 
 public class X500NameAttrMap {
@@ -51,9 +51,9 @@ public class X500NameAttrMap {
 
     /**
      * Get the attribute name (keyword) of the specified OID.
-     * 
+     *
      * @param oid An ObjectIdentifier
-     * 
+     *
      * @return An attribute name (keyword string) for the OID.
      */
     public String getName(ObjectIdentifier oid) {
@@ -63,9 +63,9 @@ public class X500NameAttrMap {
 
     /**
      * Get the ObjectIdentifier of the attribute name.
-     * 
+     *
      * @param name An attribute name (string of ascii characters)
-     * 
+     *
      * @return An ObjectIdentifier for the attribute.
      */
     public ObjectIdentifier getOid(String name) {
@@ -75,9 +75,9 @@ public class X500NameAttrMap {
 
     /**
      * Get the Attribute Value Converter for the specified attribute name.
-     * 
+     *
      * @param name An attribute name
-     * 
+     *
      * @return An attribute value converter for the attribute name
      */
     public AVAValueConverter getValueConverter(String name) {
@@ -90,9 +90,9 @@ public class X500NameAttrMap {
 
     /**
      * Get the Attribute Value Converter for the specified ObjectIdentifier.
-     * 
+     *
      * @param oid An ObjectIdentifier
-     * 
+     *
      * @return An AVAValueConverter for the OID.
      */
     public AVAValueConverter getValueConverter(ObjectIdentifier oid) {
@@ -101,7 +101,7 @@ public class X500NameAttrMap {
 
     /**
      * Get an Enumeration of all attribute names in this map.
-     * 
+     *
      * @return An Enumeration of all attribute names.
      */
     public Enumeration getAllNames() {
@@ -110,7 +110,7 @@ public class X500NameAttrMap {
 
     /**
      * Get an Enumeration of all ObjectIdentifiers in this map.
-     * 
+     *
      * @return An Enumeration of all OIDs in this map.
      */
     public Enumeration getAllOIDs() {
@@ -119,7 +119,7 @@ public class X500NameAttrMap {
 
     /**
      * Get the ObjectIdentifier object in the map for the specified OID.
-     * 
+     *
      * @param oid An ObjectIdentifier.
      * @return The ObjectIdentifier object in this map for the OID.
      */
@@ -131,13 +131,13 @@ public class X500NameAttrMap {
     }
 
     //
-    // public add methods. 
+    // public add methods.
     //
 
     /**
      * Adds a attribute name, ObjectIdentifier, AVAValueConverter entry
      * to the map.
-     * 
+     *
      * @param name An attribute name (string of ascii chars)
      * @param oid The ObjectIdentifier for the attribute.
      * @param valueConverter An AVAValueConverter object for converting
@@ -168,11 +168,11 @@ public class X500NameAttrMap {
 
     //
     // public static methods.
-    // 
+    //
 
     /**
      * Get the global default X500NameAttrMap.
-     * 
+     *
      * @return The global default X500NameAttrMap.
      */
     public static X500NameAttrMap getDefault() {
@@ -181,7 +181,7 @@ public class X500NameAttrMap {
 
     /**
      * Get the global default X500NamAttrMap using the DirStrConverter.
-     * 
+     *
      * @return The global default X500NameAttrMap using the DirStrConverter.
      */
 
@@ -192,7 +192,7 @@ public class X500NameAttrMap {
 
     /**
      * Set the global default X500NameAttrMap.
-     * 
+     *
      * @param newDefault The new default X500NameAttrMap.
      */
     public static void setDefault(X500NameAttrMap newDefault) {
@@ -217,8 +217,8 @@ public class X500NameAttrMap {
 
     private static X500NameAttrMap defDirMap;
 
-    /* 
-     * Create the default maps on initialization. 
+    /*
+     * Create the default maps on initialization.
      */
     static {
         defMap = new X500NameAttrMap();
@@ -251,7 +251,7 @@ public class X500NameAttrMap {
         defMap.addNameOID("TITLE",
                 new ObjectIdentifier("2.5.4.12"),
                 directoryStr);
-        // RFC 1274 UserId, rfc822MailBox 
+        // RFC 1274 UserId, rfc822MailBox
         defMap.addNameOID("UID",
                 new ObjectIdentifier("0.9.2342.19200300.100.1.1"),
                 directoryStr);
diff --git a/base/util/src/netscape/security/x509/X509AttributeName.java b/base/util/src/netscape/security/x509/X509AttributeName.java
index 2f6c46cb1..2616ddb8e 100644
--- a/base/util/src/netscape/security/x509/X509AttributeName.java
+++ b/base/util/src/netscape/security/x509/X509AttributeName.java
@@ -19,7 +19,7 @@ package netscape.security.x509;
 
 /**
  * This class is used to parse attribute names like "x509.info.extensions".
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.4
@@ -35,7 +35,7 @@ public class X509AttributeName {
     /**
      * Default constructor for the class. Name is of the form
      * "x509.info.extensions".
-     * 
+     *
      * @param name the attribute name.
      */
     public X509AttributeName(String name) {
diff --git a/base/util/src/netscape/security/x509/X509CRLImpl.java b/base/util/src/netscape/security/x509/X509CRLImpl.java
index 8c69b6aa0..05afe2653 100755
--- a/base/util/src/netscape/security/x509/X509CRLImpl.java
+++ b/base/util/src/netscape/security/x509/X509CRLImpl.java
@@ -51,7 +51,7 @@ import netscape.security.util.ObjectIdentifier;
  * An implmentation for X509 CRL (Certificate Revocation List).
  * 

  * The X.509 v2 CRL format is described below in ASN.1:
- * 
+ *
  * 
  * 

  * 

@@ -62,7 +62,7 @@ import netscape.security.util.ObjectIdentifier;
  * <draft-ietf-pkix-ipki-part1-06.txt>.
  * 

  * The ASN.1 definition of tbsCertList is:
- * 
+ *
  * 
  * TBSCertList  ::=  SEQUENCE  {
  *     version                 Version OPTIONAL,
@@ -81,7 +81,7 @@ import netscape.security.util.ObjectIdentifier;
  *                                  -- if present, must be v2
  *     }
  * 

- * 
+ *
  * @author Hemma Prafullchandra
  * @version 1.8
  * @see X509CRL
@@ -115,7 +115,7 @@ public class X509CRLImpl extends X509CRL {
      * need to examine and use CRL contents. Note that the buffer
      * must include only one CRL, and no "garbage" may be left at
      * the end.
-     * 
+     *
      * @param crlData the encoded bytes, with no trailing padding.
      * @exception CRLException on parsing errors.
      * @exception X509ExtensionException on extension handling errors.
@@ -148,7 +148,7 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Unmarshals an X.509 CRL from an input stream. Only one CRL
      * is expected at the end of the input stream.
-     * 
+     *
      * @param inStrm an input stream holding at least one CRL
      * @exception CRLException on parsing errors.
      * @exception X509ExtensionException on extension handling errors.
@@ -167,7 +167,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Initial CRL constructor, no revoked certs, and no extensions.
-     * 
+     *
      * @param issuer the name of the CA issuing this CRL.
      * @param thisUpdate the Date of this issue.
      * @param nextUpdate the Date of the next CRL.
@@ -180,12 +180,12 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * CRL constructor, revoked certs, no extensions.
-     * 
+     *
      * @param issuer the name of the CA issuing this CRL.
      * @param thisUpdate the Date of this issue.
      * @param nextUpdate the Date of the next CRL.
      * @param badCerts the array of revoked certificates.
-     * 
+     *
      * @exception CRLException on parsing/construction errors.
      * @exception X509ExtensionException on extension handling errors.
      */
@@ -204,13 +204,13 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * CRL constructor, revoked certs and extensions.
-     * 
+     *
      * @param issuer the name of the CA issuing this CRL.
      * @param thisUpdate the Date of this issue.
      * @param nextUpdate the Date of the next CRL.
      * @param badCerts the array of revoked certificates.
      * @param crlExts the CRL extensions.
-     * 
+     *
      * @exception CRLException on parsing/construction errors.
      * @exception X509ExtensionException on extension handling errors.
      */
@@ -241,7 +241,7 @@ public class X509CRLImpl extends X509CRL {
      * This will be used by code that constructs CRL and uses
      * encodeInfo() in order to sign it using external means
      * (other than sign() method)
-     * 
+     *
      * @param issuer the name of the CA issuing this CRL.
      * @param sigAlg signing algorithm id
      * @param thisUpdate the Date of this issue.
@@ -258,14 +258,14 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * CRL constructor, revoked certs and extensions.
-     * 
+     *
      * @param issuer the name of the CA issuing this CRL.
      * @param sigAlg signing algorithm id
      * @param thisUpdate the Date of this issue.
      * @param nextUpdate the Date of the next CRL.
      * @param badCerts the hashtable of revoked certificates.
      * @param crlExts the CRL extensions.
-     * 
+     *
      * @exception CRLException on parsing/construction errors.
      * @exception X509ExtensionException on extension handling errors.
      */
@@ -286,7 +286,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Returns the ASN.1 DER encoded form of this CRL.
-     * 
+     *
      * @exception CRLException if an encoding error occurs.
      */
     public byte[] getEncoded() throws CRLException {
@@ -299,7 +299,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Returns true if signedCRL was set.
-     * 
+     *
      * @param byte array of containing signed CRL.
      */
     public boolean setSignedCRL(byte[] crl) {
@@ -319,7 +319,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Encodes the "to-be-signed" CRL to the OutputStream.
-     * 
+     *
      * @param out the OutputStream to write to.
      * @exception CRLException on encoding errors.
      * @exception X509ExtensionException on extension encoding errors.
@@ -363,9 +363,9 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Verifies that this CRL was signed using the
      * private key that corresponds to the specified public key.
-     * 
+     *
      * @param key the PublicKey used to carry out the verification.
-     * 
+     *
      * @exception NoSuchAlgorithmException on unsupported signature
      *                algorithms.
      * @exception InvalidKeyException on incorrect key.
@@ -384,10 +384,10 @@ public class X509CRLImpl extends X509CRL {
      * private key that corresponds to the specified public key,
      * and that the signature verification was computed by
      * the given provider.
-     * 
+     *
      * @param key the PublicKey used to carry out the verification.
      * @param sigProvider the name of the signature provider.
-     * 
+     *
      * @exception NoSuchAlgorithmException on unsupported signature
      *                algorithms.
      * @exception InvalidKeyException on incorrect key.
@@ -431,10 +431,10 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Encodes an X.509 CRL, and signs it using the key
      * passed.
-     * 
+     *
      * @param key the private key used for signing.
      * @param algorithm the name of the signature algorithm used.
-     * 
+     *
      * @exception NoSuchAlgorithmException on unsupported signature
      *                algorithms.
      * @exception InvalidKeyException on incorrect key.
@@ -452,11 +452,11 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Encodes an X.509 CRL, and signs it using the key
      * passed.
-     * 
+     *
      * @param key the private key used for signing.
      * @param algorithm the name of the signature algorithm used.
      * @param provider the name of the provider.
-     * 
+     *
      * @exception NoSuchAlgorithmException on unsupported signature
      *                algorithms.
      * @exception InvalidKeyException on incorrect key.
@@ -510,7 +510,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Returns a printable string of this CRL.
-     * 
+     *
      * @return value of this CRL in a printable form.
      */
     public String toString() {
@@ -545,7 +545,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Checks whether the given serial number is on this CRL.
-     * 
+     *
      * @param serialNumber the number to check for.
      * @return true if the given serial number is on this CRL,
      *         false otherwise.
@@ -569,13 +569,13 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Gets the version number from the CRL.
      * The ASN.1 definition for this is:
-     * 
+     *
      * 
      * Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
      *             -- v3 does not apply to CRLs but appears for consistency
      *             -- with definition of Version for certs
      * 

-     * 
+     *
      * @return the version number.
      */
     public int getVersion() {
@@ -588,29 +588,29 @@ public class X509CRLImpl extends X509CRL {
      * issued the CRL). The issuer name field contains an
      * X.500 distinguished name (DN).
      * The ASN.1 definition for this is:
-     * 
+     *
      * 
      * issuer    Name
-     * 
+     *
      * Name ::= CHOICE { RDNSequence }
      * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
      * RelativeDistinguishedName ::=
      *     SET OF AttributeValueAssertion
-     * 
+     *
      * AttributeValueAssertion ::= SEQUENCE {
      *                               AttributeType,
      *                               AttributeValue }
      * AttributeType ::= OBJECT IDENTIFIER
      * AttributeValue ::= ANY
      * 

-     * 
+     *
      * The Name describes a hierarchical name composed of attributes,
      * such as country name, and corresponding values, such as US.
      * The type of the component AttributeValue is determined by the
      * AttributeType; in general it will be a directoryString.
      * A directoryString is usually one of PrintableString,
      * TeletexString or UniversalString.
-     * 
+     *
      * @return the issuer name.
      */
     public Principal getIssuerDN() {
@@ -620,7 +620,7 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Gets the thisUpdate date from the CRL.
      * The ASN.1 definition for this is:
-     * 
+     *
      * @return the thisUpdate date from the CRL.
      */
     public Date getThisUpdate() {
@@ -629,7 +629,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Gets the nextUpdate date from the CRL.
-     * 
+     *
      * @return the nextUpdate date from the CRL, or null if
      *         not present.
      */
@@ -642,7 +642,7 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Get the revoked certificate from the CRL by the serial
      * number provided.
-     * 
+     *
      * @return the revoked certificate or null if there is
      *         no entry in the CRL marked with the provided serial number.
      * @see RevokedCertificate
@@ -658,7 +658,7 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Gets all the revoked certificates from the CRL.
      * A Set of RevokedCertificate.
-     * 
+     *
      * @return all the revoked certificates or null if there are
      *         none.
      * @see RevokedCertificate
@@ -691,7 +691,7 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Gets the DER encoded CRL information, the tbsCertList from this CRL.
      * This can be used to verify the signature independently.
-     * 
+     *
      * @return the DER encoded CRL information.
      * @exception CRLException on parsing errors.
      * @exception X509ExtensionException on extension parsing errors.
@@ -707,7 +707,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Gets the raw Signature bits from the CRL.
-     * 
+     *
      * @return the signature.
      */
     public byte[] getSignature() {
@@ -720,7 +720,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Returns true if signature was set.
-     * 
+     *
      * @param byte array of containing CRL signature.
      */
     public boolean setSignature(byte[] crlSignature) {
@@ -737,7 +737,7 @@ public class X509CRLImpl extends X509CRL {
      * Gets the signature algorithm name for the CRL
      * signature algorithm. For example, the string "SHA1withDSA".
      * The ASN.1 definition for this is:
-     * 
+     *
      * 
      * AlgorithmIdentifier  ::=  SEQUENCE  {
      *     algorithm               OBJECT IDENTIFIER,
@@ -746,7 +746,7 @@ public class X509CRLImpl extends X509CRL {
      *                             -- registered for use with the
      *                             -- algorithm object identifier value
      * 

-     * 
+     *
      * @return the signature algorithm name.
      */
     public String getSigAlgName() {
@@ -762,7 +762,7 @@ public class X509CRLImpl extends X509CRL {
      * <positive whole number>.<positive whole number>.<...>
      * For example, the string "1.2.840.10040.4.3" identifies the SHA-1
      * with DSA signature algorithm, as per the PKIX part I.
-     * 
+     *
      * @return the signature algorithm oid string.
      */
     public String getSigAlgOID() {
@@ -777,7 +777,7 @@ public class X509CRLImpl extends X509CRL {
      * CRL's signature algorithm. In most cases, the signature
      * algorithm parameters are null, the parameters are usually
      * supplied with the Public Key.
-     * 
+     *
      * @return the DER encoded signature algorithm parameters, or
      *         null if no parameters are present.
      */
@@ -794,7 +794,7 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Gets a Set of the extension(s) marked CRITICAL in the
      * CRL by OID strings.
-     * 
+     *
      * @return a set of the extension oid strings in the
      *         CRL that are marked critical.
      */
@@ -815,7 +815,7 @@ public class X509CRLImpl extends X509CRL {
     /**
      * Gets a Set of the extension(s) marked NON-CRITICAL in the
      * CRL by OID strings.
-     * 
+     *
      * @return a set of the extension oid strings in the
      *         CRL that are NOT marked critical.
      */
@@ -839,7 +839,7 @@ public class X509CRLImpl extends X509CRL {
      * represented by a set of positive whole number separated
      * by ".", that means,

      * <positive whole number>.<positive whole number>.<...>
-     * 
+     *
      * @param oid the Object Identifier value for the extension.
      * @return the der encoded octet string of the extension value.
      */
@@ -932,7 +932,7 @@ public class X509CRLImpl extends X509CRL {
 
     /**
      * Returns extensions for this impl.
-     * 
+     *
      * @param extn CRLExtensions
      */
     public CRLExtensions getExtensions() {
diff --git a/base/util/src/netscape/security/x509/X509Cert.java b/base/util/src/netscape/security/x509/X509Cert.java
index 9ab7ba754..5b6036049 100644
--- a/base/util/src/netscape/security/x509/X509Cert.java
+++ b/base/util/src/netscape/security/x509/X509Cert.java
@@ -41,7 +41,7 @@ import netscape.security.util.DerValue;
 /**
  * @author David Brownell
  * @version 1.5
- * 
+ *
  * @see CertAndKeyGen
  * @deprecated Use the new X509Certificate class.
  *             This class is only restored for backwards compatibility.
@@ -71,7 +71,7 @@ public class X509Cert implements Certificate, Serializable {
      * must include only a certificate, and no "garbage" may be left at
      * the end. If you need to ignore data at the end of a certificate,
      * use another constructor.
-     * 
+     *
      * @param cert the encoded bytes, with no terminatu (CONSUMED)
      * @exception IOException when the certificate is improperly encoded.
      */
@@ -90,11 +90,11 @@ public class X509Cert implements Certificate, Serializable {
      * encoded bytes. This form of constructor is used by agents which
      * need to examine and use certificate contents. That is, this is
      * one of the most commonly used constructors.
-     * 
+     *
      * @param buf the buffer holding the encoded bytes
      * @param offset the offset in the buffer where the bytes begin
      * @param len how many bytes of certificate exist
-     * 
+     *
      * @exception IOException when the certificate is improperly encoded.
      */
     public X509Cert(
@@ -114,7 +114,7 @@ public class X509Cert implements Certificate, Serializable {
      * Unmarshal a certificate from its encoded form, parsing a DER value.
      * This form of constructor is used by agents which need to examine
      * and use certificate contents.
-     * 
+     *
      * @param derVal the der value containing the encoded cert.
      * @exception IOException when the certificate is improperly encoded.
      */
@@ -131,25 +131,25 @@ public class X509Cert implements Certificate, Serializable {
      * which later signs and encodes the
      * certificate. Also, self-signed certificates serve as CA certificates,
      * and are sometimes used as certificate requests.
-     * 
+     *
      * 

      * Until the certificate has been signed and encoded, some of the mandatory fields in the certificate will not be
      * available via accessor functions: the serial number, issuer name and signing algorithm, and of course the signed
      * certificate. The fields passed to this constructor are available, and must be non-null.
-     * 
+     *
      * 

      * Note that the public key being signed is generally independent of the signature algorithm being used. So for
      * example Diffie-Hellman keys (which do not support signatures) can be placed in X.509 certificates when some other
      * signature algorithm (e.g. DSS/DSA, or one of the RSA based algorithms) is used.
-     * 
+     *
      * @see CertAndKeyGen
-     * 
+     *
      * @param subjectName the X.500 distinguished name being certified
      * @param subjectPublicKey the public key being certified. This
      *            must be an "X509Key" implementing the "PublicKey" interface.
      * @param notBefore the first time the certificate is valid
      * @param notAfter the last time the certificate is valid
-     * 
+     *
      * @exception CertException if the public key is inappropriate
      */
     public X509Cert(
@@ -174,7 +174,7 @@ public class X509Cert implements Certificate, Serializable {
 
     /**
      * Decode an X.509 certificate from an input stream.
-     * 
+     *
      * @param in an input stream holding at least one certificate
      * @exception IOException when the certificate is improperly encoded.
      */
@@ -189,7 +189,7 @@ public class X509Cert implements Certificate, Serializable {
 
     /**
      * Appends the certificate to an output stream.
-     * 
+     *
      * @param out an input stream to which the certificate is appended.
      * @exception IOException when appending fails.
      */
@@ -201,7 +201,7 @@ public class X509Cert implements Certificate, Serializable {
      * Compares two certificates. This is false if the
      * certificates are not both X.509 certs, otherwise it
      * compares them as binary data.
-     * 
+     *
      * @param other the object being compared with this one
      * @return true iff the certificates are equivalent
      */
@@ -215,7 +215,7 @@ public class X509Cert implements Certificate, Serializable {
     /**
      * Compares two certificates, returning false if any data
      * differs between the two.
-     * 
+     *
      * @param other the object being compared with this one
      * @return true iff the certificates are equivalent
      */
@@ -255,13 +255,13 @@ public class X509Cert implements Certificate, Serializable {
      * was not signed using the verification key provided. Successfully
      * verifying a certificate does not indicate that one should
      * trust the entity which it represents.
-     * 
+     *
      * 

      * Note that since this class represents only a single X.509
      * certificate, it cannot know anything about the certificate chain
      * which is used to provide the verification key and to establish trust.
      * Other code must manage and use those cert chains.
-     * 
+     *
      * 
For now, you must walk the cert chain being used to verify any
      * given cert.  Start at the root, which is a self-signed certificate;
      * verify it using the key inside the certificate.  Then use that to
@@ -271,7 +271,7 @@ public class X509Cert implements Certificate, Serializable {
      * if any of the verification operations for its certificate chain
      * were unsuccessful.
      * 
-     * 
+     *
      * @param issuerPublicKey the public key of the issuing CA
      * @exception CertException when the certificate is not valid.
      */
@@ -327,15 +327,15 @@ public class X509Cert implements Certificate, Serializable {
      * passed (associating a signature algorithm and an X.500 name).
      * This operation is used to implement the certificate generation
      * functionality of a certificate authority.
-     * 
+     *
      * @see #getSignedCert
      * @see #getSigner
      * @see CertAndKeyGen
-     * 
+     *
      * @param serial the serial number of the certificate (non-null)
      * @param issuer the certificate issuer (CA) (non-null)
      * @return the signed certificate, as returned by getSignedCert
-     * 
+     *
      * @exception IOException if any of the data could not be encoded,
      *                or when any mandatory data was omitted
      * @exception SignatureException on signing failures
@@ -375,7 +375,7 @@ public class X509Cert implements Certificate, Serializable {
      * Returns an X500Signer that may be used to create signatures. Those
      * signature may in turn be verified using this certificate (or a
      * copy of it).
-     * 
+     *
      * 

      * NOTE:  If the private key is by itself capable of
      * creating signatures, this fact may not be recognized at this time.
@@ -383,13 +383,13 @@ public class X509Cert implements Certificate, Serializable {
      * parameters from higher in the certificate chain is not supportable
      * without using an X509CertChain API, and there is no current support
      * for other sources of algorithm parameters.
-     * 
+     *
      * @param algorithm the signature algorithm to be used. Note that a
      *            given public/private key pair may support several such algorithms.
      * @param privateKey the private key used to create the signature,
      *            which must correspond to the public key in this certificate
      * @return the Signer object
-     * 
+     *
      * @exception NoSuchAlgorithmException if the signature
      *                algorithm is not supported
      * @exception InvalidKeyException if either the key in the certificate,
@@ -426,7 +426,7 @@ public class X509Cert implements Certificate, Serializable {
      * Returns a signature object that may be used to verify signatures
      * created using a specified signature algorithm and the public key
      * contained in this certificate.
-     * 
+     *
      * 

      * NOTE:  If the public key in this certificate is not by
      * itself capable of verifying signatures, this may not be recognized
@@ -434,7 +434,7 @@ public class X509Cert implements Certificate, Serializable {
      * their algorithm parameters from higher in the certificate chain
      * is not supportable without using an X509CertChain API, and there
      * is no current support for other sources of algorithm parameters.
-     * 
+     *
      * @param algorithm the algorithm of the signature to be verified
      * @return the Signature object
      * @exception NoSuchAlgorithmException if the signature
@@ -512,7 +512,7 @@ public class X509Cert implements Certificate, Serializable {
      * to perform a public key operation. Those keys need to be augmented
      * by algorithm parameters, which the certificate generation policy
      * chose not to place in the certificate.
-     * 
+     *
      * 

      * Two such public key algorithms are: DSS/DSA, where algorithm parameters could be acquired from a CA certificate
      * in the chain of issuers; and Diffie-Hellman, with a similar solution although the CA then needs both a
@@ -576,7 +576,7 @@ public class X509Cert implements Certificate, Serializable {
 
     /**
      * Returns a printable representation of the certificate.
-     * 
+     *
      * @param detailed true iff lots of detail is requested
      */
     public String toString(boolean detailed) {
@@ -664,7 +664,7 @@ public class X509Cert implements Certificate, Serializable {
 
         in = seq[0].data;
 
-        /* 
+        /*
         * Version -- this is optional (default zero). If it's there it's
         * the first field and is specially tagged.
         *
@@ -801,7 +801,7 @@ public class X509Cert implements Certificate, Serializable {
      */
     private byte[] sign(X500Signer issuer, byte data[])
             throws IOException, SignatureException {
-        /* 
+        /*
          * Encode the to-be-signed data, then the algorithm used
          * to create the signature.
          */
diff --git a/base/util/src/netscape/security/x509/X509CertImpl.java b/base/util/src/netscape/security/x509/X509CertImpl.java
index 9c62b36a6..f93fb9009 100755
--- a/base/util/src/netscape/security/x509/X509CertImpl.java
+++ b/base/util/src/netscape/security/x509/X509CertImpl.java
@@ -59,22 +59,22 @@ import netscape.security.util.ObjectIdentifier;
  * software distribution, and Secure Electronic Transactions (SET). There
  * is a commercial infrastructure ready to manage large scale deployments
  * of X.509 identity certificates.
- * 
+ *
  * 

  * These certificates are managed and vouched for by Certificate
  * Authorities (CAs). CAs are services which create certificates by placing data in the X.509 standard format and
  * then digitally signing that data. Such signatures are quite difficult to forge. CAs act as trusted third parties,
  * making introductions between agents who have no direct knowledge of each other. CA certificates are either signed by
  * themselves, or by some other CA such as a "root" CA.
- * 
+ *
  * 

  * RFC 1422 is very informative, though it does not describe much of the recent work being done with X.509 certificates.
  * That includes a 1996 version (X.509v3) and a variety of enhancements being made to facilitate an explosion of
  * personal certificates used as "Internet Drivers' Licences", or with SET for credit card transactions.
- * 
+ *
  * 

  * More recent work includes the IETF PKIX Working Group efforts, especially part 1.
- * 
+ *
  * @author Dave Brownell
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
@@ -152,7 +152,7 @@ public class X509CertImpl extends X509Certificate
      * must include only a certificate, and no "garbage" may be left at
      * the end. If you need to ignore data at the end of a certificate,
      * use another constructor.
-     * 
+     *
      * @param certData the encoded bytes, with no trailing padding.
      * @exception CertificateException on parsing and initialization errors.
      */
@@ -165,7 +165,7 @@ public class X509CertImpl extends X509Certificate
      * As a special optimization, this constructor acts as X509CertImpl(byte[])
      * except that it takes an X509CertInfo which it uses as a 'hint' for
      * how to construct one field.
-     * 
+     *
      * @param certData the encode bytes, with no traiing padding
      * @param certInfo the certInfo which has already been constructed
      *            from the certData
@@ -190,7 +190,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * unmarshals an X.509 certificate from an input stream.
-     * 
+     *
      * @param in an input stream holding at least one certificate
      * @exception CertificateException on parsing and initialization errors.
      */
@@ -209,7 +209,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Construct an initialized X509 Certificate. The certificate is stored
      * in raw form and has to be signed to be useful.
-     * 
+     *
      * @param certInfo the X509CertificateInfo which the Certificate is to be
      *            created from.
      */
@@ -221,7 +221,7 @@ public class X509CertImpl extends X509Certificate
      * Unmarshal a certificate from its encoded form, parsing a DER value.
      * This form of constructor is used by agents which need to examine
      * and use certificate contents.
-     * 
+     *
      * @param derVal the der value containing the encoded cert.
      * @exception CertificateException on parsing and initialization errors.
      */
@@ -242,7 +242,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Decode an X.509 certificate from an input stream.
-     * 
+     *
      * @param in an input stream holding at least one certificate
      * @exception CertificateException on parsing errors.
      * @exception IOException on other errors.
@@ -257,7 +257,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Appends the certificate to an output stream.
-     * 
+     *
      * @param out an input stream to which the certificate is appended.
      * @exception CertificateEncodingException on encoding errors.
      */
@@ -276,10 +276,10 @@ public class X509CertImpl extends X509Certificate
     /**
      * DER encode this object onto an output stream.
      * Implements the DerEncoder interface.
-     * 
+     *
      * @param out
      *            the output stream on which to write the DER encoding.
-     * 
+     *
      * @exception IOException on encoding error.
      */
     public void derEncode(OutputStream out) throws IOException {
@@ -294,7 +294,7 @@ public class X509CertImpl extends X509Certificate
      * assumed that each certificate type would have only a single
      * form of encoding; for example, X.509 certificates would
      * be encoded as ASN.1 DER.
-     * 
+     *
      * @exception CertificateEncodingException if an encoding error occurs.
      */
     public byte[] getEncoded() throws CertificateEncodingException {
@@ -311,9 +311,9 @@ public class X509CertImpl extends X509Certificate
      * verification key provided. Successfully verifying a certificate
      * does not indicate that one should trust the entity which
      * it represents.
-     * 
+     *
      * @param key the public key used for verification.
-     * 
+     *
      * @exception InvalidKeyException on incorrect key.
      * @exception NoSuchAlgorithmException on unsupported signature
      *                algorithms.
@@ -333,10 +333,10 @@ public class X509CertImpl extends X509Certificate
      * verification key provided. Successfully verifying a certificate
      * does not indicate that one should trust the entity which
      * it represents.
-     * 
+     *
      * @param key the public key used for verification.
      * @param sigProvider the name of the provider.
-     * 
+     *
      * @exception NoSuchAlgorithmException on unsupported signature
      *                algorithms.
      * @exception InvalidKeyException on incorrect key.
@@ -369,10 +369,10 @@ public class X509CertImpl extends X509Certificate
      * passed (associating a signature algorithm and an X.500 name).
      * This operation is used to implement the certificate generation
      * functionality of a certificate authority.
-     * 
+     *
      * @param key the private key used for signing.
      * @param algorithm the name of the signature algorithm used.
-     * 
+     *
      * @exception InvalidKeyException on incorrect key.
      * @exception NoSuchAlgorithmException on unsupported signature
      *                algorithms.
@@ -391,11 +391,11 @@ public class X509CertImpl extends X509Certificate
      * passed (associating a signature algorithm and an X.500 name).
      * This operation is used to implement the certificate generation
      * functionality of a certificate authority.
-     * 
+     *
      * @param key the private key used for signing.
      * @param algorithm the name of the signature algorithm used.
      * @param provider the name of the provider.
-     * 
+     *
      * @exception NoSuchAlgorithmException on unsupported signature
      *                algorithms.
      * @exception InvalidKeyException on incorrect key.
@@ -449,7 +449,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Checks that the certificate is currently valid, i.e. the current
      * time is within the specified validity period.
-     * 
+     *
      * @exception CertificateExpiredException if the certificate has expired.
      * @exception CertificateNotYetValidException if the certificate is not
      *                yet valid.
@@ -464,10 +464,10 @@ public class X509CertImpl extends X509Certificate
      * Checks that the specified date is within the certificate's
      * validity period, or basically if the certificate would be
      * valid at the specified date/time.
-     * 
+     *
      * @param date the Date to check against to see if this certificate
      *            is valid at that date/time.
-     * 
+     *
      * @exception CertificateExpiredException if the certificate has expired
      *                with respect to the date supplied.
      * @exception CertificateNotYetValidException if the certificate is not
@@ -489,7 +489,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Return the requested attribute from the certificate.
-     * 
+     *
      * @param name the name of the attribute.
      * @exception CertificateParsingException on invalid attribute identifier.
      */
@@ -531,7 +531,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Set the requested attribute in the certificate.
-     * 
+     *
      * @param name the name of the attribute.
      * @param obj the value of the attribute.
      * @exception CertificateException on invalid attribute identifier.
@@ -573,7 +573,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Delete the requested attribute from the certificate.
-     * 
+     *
      * @param name the name of the attribute.
      * @exception CertificateException on invalid attribute identifier.
      * @exception IOException on other errors.
@@ -663,7 +663,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the publickey from this certificate.
-     * 
+     *
      * @return the publickey.
      */
     public PublicKey getPublicKey() {
@@ -680,7 +680,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the version number from the certificate.
-     * 
+     *
      * @return the version number.
      */
     public int getVersion() {
@@ -697,7 +697,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the serial number from the certificate.
-     * 
+     *
      * @return the serial number.
      */
     public BigInteger getSerialNumber() {
@@ -715,7 +715,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the subject distinguished name from the certificate.
-     * 
+     *
      * @return the subject name.
      */
     public Principal getSubjectDN() {
@@ -733,7 +733,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the issuer distinguished name from the certificate.
-     * 
+     *
      * @return the issuer name.
      */
     public Principal getIssuerDN() {
@@ -751,7 +751,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the notBefore date from the validity period of the certificate.
-     * 
+     *
      * @return the start date of the validity period.
      */
     public Date getNotBefore() {
@@ -768,7 +768,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the notAfter date from the validity period of the certificate.
-     * 
+     *
      * @return the end date of the validity period.
      */
     public Date getNotAfter() {
@@ -786,7 +786,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Gets the DER encoded certificate informations, the tbsCertificate from this certificate.
      * This can be used to verify the signature independently.
-     * 
+     *
      * @return the DER encoded certificate information.
      * @exception CertificateEncodingException if an encoding error occurs.
      */
@@ -799,7 +799,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the raw Signature bits from the certificate.
-     * 
+     *
      * @return the signature.
      */
     public byte[] getSignature() {
@@ -814,7 +814,7 @@ public class X509CertImpl extends X509Certificate
      * Gets the signature algorithm name for the certificate
      * signature algorithm.
      * For example, the string "SHA-1/DSA" or "DSS".
-     * 
+     *
      * @return the signature algorithm name.
      */
     public String getSigAlgName() {
@@ -826,7 +826,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Gets the signature algorithm OID string from the certificate.
      * For example, the string "1.2.840.10040.4.3"
-     * 
+     *
      * @return the signature algorithm oid string.
      */
     public String getSigAlgOID() {
@@ -839,7 +839,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Gets the DER encoded signature algorithm parameters from this
      * certificate's signature algorithm.
-     * 
+     *
      * @return the DER encoded signature algorithm parameters, or
      *         null if no parameters are present.
      */
@@ -855,7 +855,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the Issuer Unique Identity from the certificate.
-     * 
+     *
      * @return the Issuer Unique Identity.
      */
     public boolean[] getIssuerUniqueID() {
@@ -876,7 +876,7 @@ public class X509CertImpl extends X509Certificate
 
     /**
      * Gets the Subject Unique Identity from the certificate.
-     * 
+     *
      * @return the Subject Unique Identity.
      */
     public boolean[] getSubjectUniqueID() {
@@ -898,7 +898,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Gets a Set of the extension(s) marked CRITICAL in the
      * certificate by OID strings.
-     * 
+     *
      * @return a set of the extension oid strings in the
      *         certificate that are marked critical.
      */
@@ -926,7 +926,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Gets a Set of the extension(s) marked NON-CRITICAL in the
      * certificate by OID strings.
-     * 
+     *
      * @return a set of the extension oid strings in the
      *         certificate that are NOT marked critical.
      */
@@ -977,7 +977,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Gets the DER encoded extension identified by the passed
      * in oid String.
-     * 
+     *
      * @param oid the Object Identifier value for the extension.
      */
     public byte[] getExtensionValue(String oid) {
@@ -1024,7 +1024,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Get a boolean array representing the bits of the KeyUsage extension,
      * (oid = 2.5.29.15).
-     * 
+     *
      * @return the bit values of this extension as an array of booleans.
      */
     public boolean[] getKeyUsage() {
@@ -1047,7 +1047,7 @@ public class X509CertImpl extends X509Certificate
     /**
      * Get the certificate constraints path length from the
      * the critical BasicConstraints extension, (oid = 2.5.29.19).
-     * 
+     *
      * @return the length of the constraint.
      */
     public int getBasicConstraints() {
@@ -1170,12 +1170,12 @@ public class X509CertImpl extends X509Certificate
         /**
          * Construct the alternate Certificate class with the Certificate
          * type and Certificate encoding bytes.
-         * 
+         *
          * 

-         * 
+         *
          * @param type the standard name of the Certificate type.
          *            

-         * 
+         *
          * @param data the Certificate data.
          */
         protected CertificateRep1(String type, byte[] data) {
@@ -1185,11 +1185,11 @@ public class X509CertImpl extends X509Certificate
 
         /**
          * Resolve the Certificate Object.
-         * 
+         *
          * 

-         * 
+         *
          * @return the resolved Certificate Object.
-         * 
+         *
          * @throws java.io.ObjectStreamException if the Certificate could not
          *             be resolved.
          */
diff --git a/base/util/src/netscape/security/x509/X509CertInfo.java b/base/util/src/netscape/security/x509/X509CertInfo.java
index 4777cd958..20ef2bd6a 100644
--- a/base/util/src/netscape/security/x509/X509CertInfo.java
+++ b/base/util/src/netscape/security/x509/X509CertInfo.java
@@ -36,25 +36,25 @@ import netscape.security.util.DerValue;
 
 /**
  * The X509CertInfo class represents X.509 certificate information.
- * 
+ *
  * 

  * X.509 certificates have several base data elements, including:
  * 
    
- * 
+ *
  * 
  • The Subject Name, an X.500 Distinguished Name for the entity (subject) for which the certificate was
  * issued.
- * 
+ *
  * 
  • The Subject Public Key, the public key of the subject. This is one of the most important parts of the
  * certificate.
- * 
+ *
  * 
  • The Validity Period, a time period (e.g. six months) within which the certificate is valid (unless
  * revoked).
- * 
+ *
  * 
  • The Issuer Name, an X.500 Distinguished Name for the Certificate Authority (CA) which issued the
  * certificate.
- * 
+ *
  * 
  • A Serial Number assigned by the CA, for use in certificate revocation and other applications.
- * 
+ *
  * @author Amit Kapoor
  * @author Hemma Prafullchandra
  * @version 1.16
@@ -146,7 +146,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
      * must include only a certificate, and no "garbage" may be left at
      * the end. If you need to ignore data at the end of a certificate,
      * use another constructor.
-     * 
+     *
      * @param cert the encoded bytes, with no trailing data.
      * @exception CertificateParsingException on parsing errors.
      */
@@ -164,7 +164,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
      * Unmarshal a certificate from its encoded form, parsing a DER value.
      * This form of constructor is used by agents which need to examine
      * and use certificate contents.
-     * 
+     *
      * @param derVal the der value containing the encoded cert.
      * @exception CertificateParsingException on parsing errors.
      */
@@ -178,7 +178,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Decode an X.509 certificate from an input stream.
-     * 
+     *
      * @param in an input stream holding at least one certificate
      * @exception CertificateParsingException on decoding errors.
      * @exception IOException on other errors.
@@ -192,7 +192,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Appends the certificate to an output stream.
-     * 
+     *
      * @param out an output stream to which the certificate is appended.
      * @exception CertificateException on encoding errors.
      * @exception IOException on other errors.
@@ -204,7 +204,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Appends the certificate to an output stream.
-     * 
+     *
      * @param out An output stream to which the certificate is appended.
      * @param ignoreCache Whether to ignore the internal cache when encoding.
      *            (the cache can easily become out of date).
@@ -248,7 +248,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Returns the encoded certificate info.
-     * 
+     *
      * @exception CertificateEncodingException on encoding information errors.
      */
     public byte[] getEncodedInfo() throws CertificateEncodingException {
@@ -276,7 +276,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
      * Compares two X509CertInfo objects. This is false if the
      * certificates are not both X.509 certs, otherwise it
      * compares them as binary data.
-     * 
+     *
      * @param other the object being compared with this one
      * @return true iff the certificates are equivalent
      */
@@ -291,7 +291,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
     /**
      * Compares two certificates, returning false if any data
      * differs between the two.
-     * 
+     *
      * @param other the object being compared with this one
      * @return true iff the certificates are equivalent
      */
@@ -383,7 +383,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the certificate attribute.
-     * 
+     *
      * @param name the name of the Certificate attribute.
      * @param val the value of the Certificate attribute.
      * @exception CertificateException on invalid attributes.
@@ -486,7 +486,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Delete the certificate attribute.
-     * 
+     *
      * @param name the name of the Certificate attribute.
      * @exception CertificateException on invalid attributes.
      * @exception IOException on other errors.
@@ -579,9 +579,9 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Get the certificate attribute.
-     * 
+     *
      * @param name the name of the Certificate attribute.
-     * 
+     *
      * @exception CertificateException on invalid attributes.
      * @exception IOException on other errors.
      */
@@ -817,7 +817,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the version number of the certificate.
-     * 
+     *
      * @param val the Object class value for the Extensions
      * @exception CertificateException on invalid data.
      */
@@ -830,7 +830,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the serial number of the certificate.
-     * 
+     *
      * @param val the Object class value for the CertificateSerialNumber
      * @exception CertificateException on invalid data.
      */
@@ -843,7 +843,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the algorithm id of the certificate.
-     * 
+     *
      * @param val the Object class value for the AlgorithmId
      * @exception CertificateException on invalid data.
      */
@@ -857,7 +857,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the issuer name of the certificate.
-     * 
+     *
      * @param val the Object class value for the issuer
      * @exception CertificateException on invalid data.
      */
@@ -871,7 +871,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the validity interval of the certificate.
-     * 
+     *
      * @param val the Object class value for the CertificateValidity
      * @exception CertificateException on invalid data.
      */
@@ -885,7 +885,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the subject name of the certificate.
-     * 
+     *
      * @param val the Object class value for the Subject
      * @exception CertificateException on invalid data.
      */
@@ -899,7 +899,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the public key in the certificate.
-     * 
+     *
      * @param val the Object class value for the PublicKey
      * @exception CertificateException on invalid data.
      */
@@ -913,7 +913,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the Issuer Unique Identity in the certificate.
-     * 
+     *
      * @param val the Object class value for the IssuerUniqueId
      * @exception CertificateException
      */
@@ -930,7 +930,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the Subject Unique Identity in the certificate.
-     * 
+     *
      * @param val the Object class value for the SubjectUniqueId
      * @exception CertificateException
      */
@@ -947,7 +947,7 @@ public class X509CertInfo implements CertAttrSet, Serializable {
 
     /**
      * Set the extensions in the certificate.
-     * 
+     *
      * @param val the Object class value for the Extensions
      * @exception CertificateException
      */
diff --git a/base/util/src/netscape/security/x509/X509ExtensionException.java b/base/util/src/netscape/security/x509/X509ExtensionException.java
index c7174aed8..6e30746e3 100644
--- a/base/util/src/netscape/security/x509/X509ExtensionException.java
+++ b/base/util/src/netscape/security/x509/X509ExtensionException.java
@@ -21,7 +21,7 @@ import java.security.GeneralSecurityException;
 
 /**
  * X.509 Extension Exception.
- * 
+ *
  * @author Hemma Prafullchandra
  *         1.2
  */
@@ -45,7 +45,7 @@ public class X509ExtensionException extends GeneralSecurityException {
      * Constructs the exception with the specified detail
      * message. A detail message is a String that describes this
      * particular exception.
-     * 
+     *
      * @param message the detail message.
      */
     public X509ExtensionException(String message) {
diff --git a/base/util/src/netscape/security/x509/X509Key.java b/base/util/src/netscape/security/x509/X509Key.java
index a8253c0d8..5c8ac3a88 100644
--- a/base/util/src/netscape/security/x509/X509Key.java
+++ b/base/util/src/netscape/security/x509/X509Key.java
@@ -39,13 +39,13 @@ import netscape.security.util.DerValue;
  * certificate. Includes a description of the algorithm to be used
  * with the key; these keys normally are used as
  * "SubjectPublicKeyInfo".
- * 
+ *
  * 
    
  * While this class can represent any kind of X.509 key, it may be desirable to provide subclasses which understand how
  * to parse keying data. For example, RSA public keys have two members, one for the public modulus and one for the prime
  * exponent. If such a class is provided, it is used when parsing X.509 keys. If one is not provided, the key still
  * parses correctly.
- * 
+ *
  * @version 1.74, 97/12/10
  * @author David Brownell
  */
@@ -88,12 +88,12 @@ public class X509Key implements PublicKey {
      * the runtime environment is configured with a specific class for
      * this kind of key, a subclass is returned. Otherwise, a generic
      * X509Key object is returned.
-     * 
+     *
      * 
    
      * This mechanism gurantees that keys (and algorithms) may be freely manipulated and transferred, without risk of
      * losing information. Also, when a key (or algorithm) needs some special handling, that specific need can be
      * accomodated.
-     * 
+     *
      * @param in the DER-encoded SubjectPublicKeyInfo value
      * @exception IOException on data format errors
      */
@@ -123,11 +123,11 @@ public class X509Key implements PublicKey {
      * keys encapsulate two unsigned integers (modulus and exponent) as
      * DER values within the key bits; Diffie-Hellman and
      * DSS/DSA keys encapsulate a single unsigned integer.
-     * 
+     *
      * 
    
      * This function is called when creating X.509 SubjectPublicKeyInfo values using the X509Key member functions, such
      * as parse and decode.
-     * 
+     *
      * @exception IOException on parsing errors.
      * @exception InvalidKeyException on invalid key encodings.
      */
@@ -236,7 +236,7 @@ public class X509Key implements PublicKey {
 
     /**
      * Encode SubjectPublicKeyInfo sequence on the DER output stream.
-     * 
+     *
      * @exception IOException on encoding errors.
      */
     public final void encode(DerOutputStream out) throws IOException {
@@ -271,7 +271,7 @@ public class X509Key implements PublicKey {
 
     /**
      * Returns the DER-encoded form of the key as a byte array.
-     * 
+     *
      * @exception InvalidKeyException on encoding errors.
      */
     public byte[] encode() throws InvalidKeyException {
@@ -310,16 +310,16 @@ public class X509Key implements PublicKey {
      * sequence consisting of an algorithm ID and a bit string which holds
      * the key. (That bit string is often used to encapsulate another DER
      * encoded sequence.)
-     * 
+     *
      * 
    
      * Subclasses should not normally redefine this method; they should instead provide a parseKeyBits
      * method to parse any fields inside the key member.
-     * 
+     *
      * 
    
      * The exception to this rule is that since private keys need not be encoded using the X.509
      * SubjectPublicKeyInfo format, private keys may override this method, encode, and of
      * course getFormat.
-     * 
+     *
      * @param in an input stream with a DER-encoded X.509
      *            SubjectPublicKeyInfo value
      * @exception InvalidKeyException on parsing errors.
@@ -436,7 +436,7 @@ public class X509Key implements PublicKey {
     }
 
     /*
-    *  parsePublicKey returns a PublicKey for use with package JSS from within netscape.security.*. 
+    *  parsePublicKey returns a PublicKey for use with package JSS from within netscape.security.*.
     *  This function provide an interim solution for migrating from using the netscape.security.* package
      * to using the JSS package.
     */
@@ -461,23 +461,23 @@ public class X509Key implements PublicKey {
         return subjectKey;
     }
 
-    /*  buildPublicKey returns a PublicKey for use with  the JSS package  from within netscape.security.*. 
+    /*  buildPublicKey returns a PublicKey for use with  the JSS package  from within netscape.security.*.
      *  This function provide an interim solution for migrating from using the netscape.security.* package
      * to using the JSS package.
      */
     static PublicKey buildPublicKey(AlgorithmId algid, byte[] key)
             throws IOException, InvalidKeyException {
-        /* 
-         * Use the algid and key parameters to produce the ASN.1 encoding 
-         * of the key, which will then be used as the input to the 
-         * key factory. 
+        /*
+         * Use the algid and key parameters to produce the ASN.1 encoding
+         * of the key, which will then be used as the input to the
+         * key factory.
          */
         DerOutputStream x509EncodedKeyStream = new DerOutputStream();
         encode(x509EncodedKeyStream, algid, key);
         X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(x509EncodedKeyStream.toByteArray());
 
         try {
-            // Instantiate the key factory of the appropriate algorithm 
+            // Instantiate the key factory of the appropriate algorithm
             KeyFactory keyFac = null;
             if (Security.getProvider("Mozilla-JSS") == null) {
                 keyFac = KeyFactory.getInstance(algid.getName());
@@ -486,16 +486,16 @@ public class X509Key implements PublicKey {
                         "Mozilla-JSS");
             }
 
-            // Generate the public key 
+            // Generate the public key
             PublicKey pubKey = keyFac.generatePublic(x509KeySpec);
 
-            /* 
-             * Return specialized X509Key, where the structure within the 
-             * key has been parsed 
+            /*
+             * Return specialized X509Key, where the structure within the
+             * key has been parsed
              */
             return pubKey;
         } catch (NoSuchAlgorithmException e) {
-            // Return generic X509Key with opaque key data (see below) 
+            // Return generic X509Key with opaque key data (see below)
             throw new InvalidKeyException(e.toString());
         } catch (InvalidKeySpecException e) {
             throw new InvalidKeyException(e.toString());
-- 
cgit