--- /dev/null	2005-09-12 21:58:38.000000000 -0700
+++ gnu/java/lang/PseudoEnum.java	2005-09-12 22:07:14.000000000 -0700
@@ -0,0 +1,96 @@
+/* PseudoEnum.java -- emulate an Enum in pre-Java 1.5 code.
+   Copyright (C) 2005 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.lang;
+
+import java.io.Serializable;
+
+public abstract class PseudoEnum implements Comparable, Serializable
+{
+  private final int ordinal;
+  private final String name;
+  private final Class declaringClass;
+
+  protected PseudoEnum (final int ordinal, final String name,
+                        final Class declaringClass)
+  {
+    this.ordinal = ordinal;
+    this.name = name;
+    this.declaringClass = declaringClass;
+  }
+
+  public final int compareTo (Object o)
+  {
+    PseudoEnum that = (PseudoEnum) o;
+    if (ordinal < that.ordinal)
+      return -1;
+    if (ordinal > that.ordinal)
+      return 1;
+    return 0;
+  }
+
+  public final boolean equals (Object o)
+  {
+    return (this == o);
+  }
+
+  public final Class getDeclaringClass ()
+  {
+    return declaringClass;
+  }
+
+  public final int hashCode ()
+  {
+    return ordinal;
+  }
+
+  public final String name ()
+  {
+    return name;
+  }
+
+  public final int ordinal ()
+  {
+    return ordinal;
+  }
+
+  public String toString ()
+  {
+    return name;
+  }
+}
--- /dev/null	2005-09-12 21:58:38.000000000 -0700
+++ javax/net/ssl/CertPathTrustManagerParameters.java	2005-09-12 22:08:04.000000000 -0700
@@ -0,0 +1,74 @@
+/* CertPathTrustManagerParameters.java -- 
+   Copyright (C) 2005  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License along
+with GNU Classpath; if not, write to the
+
+   Free Software Foundation, Inc.,
+   59 Temple Place, Suite 330,
+   Boston, MA  02111-1307
+   USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under terms
+of your choice, provided that you also meet, for each linked independent
+module, the terms and conditions of the license of that module.  An
+independent module is a module which is not derived from or based on
+this library.  If you modify this library, you may extend this exception
+to your version of the library, but you are not obligated to do so.  If
+you do not wish to do so, delete this exception statement from your
+version.  */
+
+
+package javax.net.ssl;
+
+import java.security.cert.CertPathParameters;
+
+/**
+ * Trust manager parameters for certification paths.
+ */
+public class CertPathTrustManagerParameters implements ManagerFactoryParameters
+{
+  private final CertPathParameters params;
+
+  /**
+   * Creates a new trust manager parameter instance. The argument is
+   * cloned to prevent modification of this instance.
+   *
+   * @param params The certificate path parameters.
+   * @throws NullPointerException If params is null.
+   */
+  public CertPathTrustManagerParameters (final CertPathParameters params)
+  {
+    this.params = (CertPathParameters) params.clone ();
+  }
+
+  /**
+   * Returns a copy of the certificate path parameters.
+   *
+   * @return A copy of the certificate path parameters.
+   */
+  public CertPathParameters getParameters ()
+  {
+    return (CertPathParameters) params.clone ();
+  }
+}
--- /dev/null	2005-09-12 21:58:38.000000000 -0700
+++ javax/net/ssl/KeyStoreBuilderParameters.java	2005-09-12 22:08:13.000000000 -0700
@@ -0,0 +1,51 @@
+/* KeyStoreBuilderParameters.java -- 
+   Copyright (C) 2005  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License along
+with GNU Classpath; if not, write to the
+
+   Free Software Foundation, Inc.,
+   59 Temple Place, Suite 330,
+   Boston, MA  02111-1307
+   USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under terms
+of your choice, provided that you also meet, for each linked independent
+module, the terms and conditions of the license of that module.  An
+independent module is a module which is not derived from or based on
+this library.  If you modify this library, you may extend this exception
+to your version of the library, but you are not obligated to do so.  If
+you do not wish to do so, delete this exception statement from your
+version.  */
+
+
+package javax.net.ssl;
+
+/**
+ * <p style="color: red;"><b>FIXME</b> this class is currently a stub;
+ * it depends on an implementation of address@hidden
+ * java.security.KeyStore.Builder}</p>.
+ */
+public class KeyStoreBuilderParameters implements ManagerFactoryParameters
+{
+}
--- /dev/null	2005-09-12 21:58:38.000000000 -0700
+++ javax/net/ssl/SSLEngine.java	2005-06-29 21:40:02.000000000 -0700
@@ -0,0 +1,442 @@
+/* SSLEngine.java -- advanced, generic utility for manipulating SSL messages.
+   Copyright (C) 2005 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.net.ssl;
+
+import java.nio.ByteBuffer;
+
+/**
+ * A class for low-level message wrapping and unwrapping of SSL
+ * messages.
+ *
+ * @author Casey Marshall (address@hidden)
+ * @since 1.5
+ */
+public abstract class SSLEngine
+{
+  private final String peerHost;
+  private final int peerPort;
+
+  /**
+   * Creates a new SSLEngine with no peer host name or port number.
+   */
+  protected SSLEngine ()
+  {
+    this (null, -1);
+  }
+
+  /**
+   * Creates a new SSLEngine with the specified peer host name and
+   * port number.
+   *
+   * @param peerHost The peer's host name.
+   * @param peerPort The peer's port number.
+   */
+  protected SSLEngine (String peerHost, int peerPort)
+  {
+    this.peerHost = peerHost;
+    this.peerPort = peerPort;
+  }
+
+
+
+  /**
+   * Begin, or restart, the SSL handshake.
+   *
+   * @throws SSLException
+   */
+  public abstract void beginHandshake () throws SSLException;
+
+  /**
+   * Close the inbound state.
+   *
+   * @throws SSLException
+   */
+  public abstract void closeInbound () throws SSLException;
+
+  /**
+   * Close the outbound state.
+   */
+  public abstract void closeOutbound ();
+
+  /**
+   *
+   */
+  public abstract Runnable getDelegatedTask ();
+
+  /**
+   * Returns the peer host name this SSL session is connected to, or
+   * <code>null</code> if this value was not set.
+   *
+   * @return The peer host's name.
+   */
+  public String getPeerHost ()
+  {
+    return peerHost;
+  }
+
+  /**
+   * Returns the peer IP port number this SSL session in communicating
+   * on, or -1 if this value was not set.
+   *
+   * @return The peer's port number.
+   */
+  public int getPeerPort ()
+  {
+    return peerPort;
+  }
+
+  /**
+   * Returns a list of SSL cipher suite names this SSLEngine is
+   * configured to use.
+   *
+   * @return The list of enabled cipher suite names.
+   */
+  public abstract String[] getEnabledCipherSuites();
+
+  /**
+   * Returns a list of SSL protocol version names this SSLEngine is
+   * configured to use.
+   *
+   * @return The list of enabled protocol names.
+   */
+  public abstract String[] getEnabledProtocols ();
+
+  /**
+   * Tells if sessions will be created by this engine, and therefore
+   * may be resumed at a later time.
+   *
+   * @return True if sessions will be created.
+   */
+  public abstract boolean getEnableSessionCreation();
+
+  /**
+   * Return the current handshake status.
+   *
+   * @return The current handshake status.
+   */
+  public abstract SSLEngineResult.HandshakeStatus getHandshakeStatus ();
+
+  /**
+   * Tells if this SSLEngine is configured to require client
+   * authentication when in server mode.
+   *
+   * @return True iff client authentication is required.
+   */
+  public abstract boolean getNeedClientAuth ();
+
+  /**
+   * Return the address@hidden SSLSession} object this connection represents.
+   *
+   * @return The SSL session.
+   */
+  public abstract SSLSession getSession ();
+
+  /**
+   * Returns a list of SSL cipher suite names this SSLEngine
+   * implementation supports.
+   *
+   * @return The list of cipher suite names supported by this
+   * implementation.
+   */
+  public abstract String[] getSupportedCipherSuites ();
+
+  /**
+   * Returns a list of SSL protocol version names this SSLEngine
+   * implementation supports. SSL protocol names include things like
+   * "SSLv3" or "TLSv1".
+   *
+   * @return The list of SSL protocol names
+   */
+  public abstract String[] getSupportedProtocols ();
+
+  /**
+   * Tells if this SSLEngine is a "client" session.
+   *
+   * @return True iff this session is configured for client mode.
+   */
+  public abstract boolean getUseClientMode ();
+
+  /**
+   * Tells if client authentication is requested, but not required,
+   * for sessions in server mode. If true, a server session will
+   * request an authentication message from connecting clients, but
+   * will still allow clients to connect if they cannot be
+   * authenticated.
+   *
+   * @return True iff client authentication is requested.
+   */
+  public abstract boolean getWantClientAuth ();
+
+  /**
+   * Tells if the incoming data stream is finished, and thus if no
+   * more data will be available to be unwrapped.
+   *
+   * @return True if no more data is to be unwrapped.
+   */
+  public abstract boolean isInboundDone ();
+
+  /**
+   * Tells if the outgoing data stream is finished, and thus if no
+   * more data may be wrapped.
+   *
+   * @return True if no more data may be wrapped.
+   */
+  public abstract boolean isOutboundDone ();
+
+  /**
+   * Sets the list of enabled cipher suites. The argument is an array
+   * of strings of the canonical suite names.
+   *
+   * @param suites The cipher suites to enable.
+   * @throws IllegalArgumentException If any of the specified suite
+   * strings is not supported by this implementation, or if the
+   * argument is null.
+   */
+  public abstract void setEnabledCipherSuites (String[] suites);
+
+  /**
+   * Sets the list of enabled protocol versions. The argument is an
+   * array of strings of the canonical protocol version names, such as
+   * "TLSv1".
+   *
+   * @param protocols The protocol versions to enable.
+   * @throws IllegalArgumentException If any of the specified
+   * protocols are not supported, or if the argument is null.
+   */
+  public abstract void setEnabledProtocols (String[] protocols);
+
+  /**
+   * Enables or disables session creation. If enabled, each connection
+   * will create session that may be resumed by another connection.
+   *
+   * @param create Whether or not to enable session creation.
+   */
+  public abstract void setEnableSessionCreation (boolean create);
+
+  /**
+   * Enables client or server mode. If the argument is true, this
+   * engine will run in client mode; if false, server mode.
+   *
+   * @param clientMode Whether or not to use client mode.
+   */
+  public abstract void setUseClientMode (boolean clientMode);
+
+  /**
+   * Enables or disables required client authentication. If enabled,
+   * clients may only connect if they provide proper identification.
+   *
+   * <p>This parameter is only used in server mode.
+   *
+   * @param needAuth Whether or not client authentication is required.
+   */
+  public abstract void setNeedClientAuth (boolean needAuth);
+
+  /**
+   * Enables or disables requested client authentication. If enabled,
+   * clients will be asked to provide proper identification, but will
+   * still be allowed to connect if they do not provide it.
+   *
+   * <p>This parameter is only used in server mode.
+   *
+   * @param wantAuth Whether or not client authentication will be
+   * requested, but not required.
+   */
+  public abstract void setWantClientAuth (boolean wantAuth);
+
+  /**
+   * Unwraps a byte buffer recieved from the network, storing the
+   * decrypted, unwrapped bytes into the given buffer.
+   *
+   * <p>This call is exactly equivalent to <code>unwrap (source, new
+   * ByteBuffer[] { sink }, 0, 1)</code>.
+   *
+   * @param source The source bytes, coming from the network.
+   * @param sink The buffer to hold the unwrapped message.
+   * @return An engine result object for the operation.
+   * @throws SSLException If an SSL message parsing error occurs.
+   * @throws java.nio.ReadOnlyBufferException If 'sink' is not
+   * writable.
+   * @throws IllegalArgumentException If either 'source' or 'sink' is
+   * null.
+   * @throws IllegalStateException If this engine has not been put
+   * into client or server mode.
+   */
+  public SSLEngineResult unwrap (ByteBuffer source, ByteBuffer sink)
+    throws SSLException
+  {
+    return unwrap (source, new ByteBuffer[] { sink }, 0, 1);
+  }
+
+  /**
+   * Unwraps a byte buffer recieved from the network, storing the
+   * decrypted, unwrapped bytes into the given buffers.
+   *
+   * <p>This call is exactly equivalent to <code>unwrap (source,
+   * sinks, 0, sinks.length)</code>.
+   *
+   * @param source The source bytes, coming from the network.
+   * @param sinks The buffers to hold the unwrapped message.
+   * @return An engine result object for the operation.
+   * @throws SSLException If an SSL message parsing error occurs.
+   * @throws java.nio.ReadOnlyBufferException If any buffer in 'sinks'
+   * is not writable.
+   * @throws IllegalArgumentException If either 'source' or 'sinks' is
+   * null.
+   * @throws IllegalStateException If this engine has not been put
+   * into client or server mode.
+   */
+  public SSLEngineResult unwrap (ByteBuffer source, ByteBuffer[] sinks)
+    throws SSLException
+  {
+    return unwrap (source, sinks, 0, sinks.length);
+  }
+
+  /**
+   * Unwraps a byte buffer received from the network, storing the
+   * decrypted, unwrapped bytes into the given buffers. After
+   * unwrapping, the bytes placed into the sink buffers are ready for
+   * consumption by the application.
+   *
+   * <p>This method may place no bytes in the destination buffer; for
+   * example, if this engine is still performing the SSL handshake,
+   * only handshake data will be consumed, and no application data.
+   *
+   * <p>It is stated that this method may modify the source buffer,
+   * and that it must not be passed to another SSLEngine (SSL
+   * connections are independent, so another SSLEngine will not have
+   * the parameters or state to handle messages meant for this
+   * engine).
+   *
+   * @param source The source bytes, coming from the network.
+   * @param sinks The buffers to hold the unwrapped message.
+   * @param offset The index of the first buffer in 'sinks' to use.
+   * @param length The number of buffers in 'sinks' to use.
+   * @return An engine result object for the operation.
+   * @throws SSLException If an SSL message parsing error occurs.
+   * @throws java.nio.ReadOnlyBufferException If any buffer in 'sinks'
+   * is not writable.
+   * @throws IllegalArgumentException If either 'source' or 'sinks' is
+   * null.
+   * @throws IllegalStateException If this engine has not been put
+   * into client or server mode.
+   * @throws IndexOutOfBoundsException If 'offset' or 'length' is
+   * negative, or if 'length+offset' is greater than 'sinks.length'.
+   */
+  public abstract SSLEngineResult unwrap (ByteBuffer source,
+					  ByteBuffer[] sinks, int offset,
+					  int length)
+    throws javax.net.ssl.SSLException;
+
+  /**
+   * Wraps a byte buffer into an SSL message, for preparation to send
+   * it over the network.
+   *
+   * <p>This method is exactly equivalent to <code>wrap (new
+   * ByteBuffer[] { source }, 0, 1, sink)</code>.
+   *
+   * @param source The source buffer with application data.
+   * @param sink The buffer to hold the wrapped data.
+   * @return An engine result object for the operation.
+   * @throws SSLException If an SSL error occurs.
+   * @throws java.nio.ReadOnlyBufferException If 'sink' is read-only.
+   * @throws IllegalArgumentException If either 'source' or 'sink' is
+   * null.
+   * @throws IllegalStateException If this engine has not been put
+   * into client or server mode.
+   */
+  public SSLEngineResult wrap (ByteBuffer source, ByteBuffer sink)
+    throws SSLException
+  {
+    return wrap (new ByteBuffer[] { source }, 0, 1, sink);
+  }
+
+  /**
+   * Wraps byte buffers into an SSL message, for preparation to send
+   * them over the network.
+   *
+   * <p>This method is exactly equivalent to <code>wrap (sources, 0,
+   * 1, sink)</code>.
+   *
+   * @param sources The source buffers with application data.
+   * @param sink The buffer to hold the wrapped data.
+   * @return An engine result object for the operation.
+   * @throws SSLException If an SSL error occurs.
+   * @throws java.nio.ReadOnlyBufferException If 'sink' is read-only.
+   * @throws IllegalArgumentException If either 'sources' or 'sink' is
+   * null.
+   * @throws IllegalStateException If this engine has not been put
+   * into client or server mode.
+   */
+  public SSLEngineResult wrap (ByteBuffer[] sources, ByteBuffer sink)
+    throws SSLException
+  {
+    return wrap (sources, 0, sources.length, sink);
+  }
+
+  /**
+   * Wraps byte buffers into an SSL message, for preparation to send
+   * them over the network. After wrapping, the data in the sink
+   * buffer is ready to be sent over the transport layer.
+   *
+   * <p>This method may consume no data from the source buffers, and
+   * yet still produce output that should be sent accross the wire;
+   * for example if this engine has not yet completed the SSL
+   * handshake, the sink buffer will be filled with handshake
+   * messages.
+   *
+   * @param sources The source buffers with application data.
+   * @param offset The offset into the source buffers to start reading
+   * application data.
+   * @param length The number of buffers to read from 'sources'.
+   * @param sink The buffer to hold the wrapped data.
+   * @return An engine result object for the operation.
+   * @throws SSLException If an SSL error occurs.
+   * @throws java.nio.ReadOnlyBufferException If 'sink' is read-only.
+   * @throws IllegalArgumentException If either 'sources' or 'sink' is
+   * null.
+   * @throws IllegalStateException If this engine has not been put
+   * into client or server mode.
+   * @throws IndexOutOfBoundsException If 'offset' or 'length' is
+   * negative, or if 'length+offset' is greater than 'sources.length'.
+   */
+  public abstract SSLEngineResult wrap (ByteBuffer[] sources, int offset,
+					int length, ByteBuffer sink)
+    throws SSLException;
+
+}
--- /dev/null	2005-09-12 21:58:38.000000000 -0700
+++ javax/net/ssl/SSLEngineResult.java	2005-09-12 22:08:47.000000000 -0700
@@ -0,0 +1,245 @@
+/* SSLEngineResult.java -- 
+   Copyright (C) 2005 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.net.ssl;
+
+import gnu.java.lang.PseudoEnum;
+
+/**
+ * A result from an address@hidden SSLEngine} <code>wrap</code> or
+ * <code>unwrap</code> operation. This class conveys a possibly
+ * intermediate result, and may ask for more input data or request
+ * that output data be sent over a connection.
+ */
+public class SSLEngineResult
+{
+  private final HandshakeStatus handshakeStatus;
+  private final Status status;
+  private final int bytesConsumed;
+  private final int bytesProduced;
+
+  /**
+   * Creates a new SSL engine result.
+   *
+   * @param status The status of the SSL connection.
+   * @param handshakeStatus The status of the SSL handshake.
+   * @param bytesConsumed The number of bytes consumed by the previous
+   * operation.
+   * @param bytesProduced The number of bytes produced by the previous
+   * operation.
+   * @throws IllegalArgumentException If either enum value is
+   * <code>null</code>, or if either integer is negative.
+   */
+  public SSLEngineResult (Status status, HandshakeStatus handshakeStatus,
+			  int bytesConsumed, int bytesProduced)
+  {
+    if (status == null)
+      throw new IllegalArgumentException ("'status' may not be null");
+    if (handshakeStatus == null)
+      throw new IllegalArgumentException ("'handshakeStatus' may not be null");
+    if (bytesConsumed < 0)
+      throw new IllegalArgumentException ("'bytesConumed' must be nonnegative");
+    if (bytesProduced < 0)
+      throw new IllegalArgumentException ("'bytesProduced' must be nonnegative");
+    this.status = status;
+    this.handshakeStatus = handshakeStatus;
+    this.bytesConsumed = bytesConsumed;
+    this.bytesProduced = bytesProduced;
+  }
+
+
+
+  /**
+   * An enumeration of possible general states.
+   */
+  public static class Status extends PseudoEnum // FIXME ENUM 1.5
+  {
+
+    /**
+     * There were not enough input bytes available to complete the
+     * operation.
+     */
+    public static final Status BUFFER_UNDERFLOW = new Status (0, "BUFFER_UNDERFLOW");
+
+    /**
+     * There was not enough space for the output message.
+     */
+    public static final Status BUFFER_OVERFLOW = new Status (1, "BUFFER_OVERFLOW");
+
+    /**
+     * Okay. No error.
+     */
+    public static final Status OK = new Status (2, "OK");
+
+    /**
+     * The connection is closed.
+     */
+    public static final Status CLOSED = new Status (3, "CLOSED");
+
+    private Status (final int ordinal, final String name)
+    {
+      super (ordinal, name, Status.class);
+    }
+
+    public static Status[] values ()
+    {
+      return new Status[] { BUFFER_UNDERFLOW, BUFFER_OVERFLOW, OK, CLOSED };
+    }
+
+    public static Status valueOf (final String name)
+    {
+      if (name.equals ("BUFFER_UNDERFLOW"))
+	return BUFFER_UNDERFLOW;
+      if (name.equals ("BUFFER_OVERFLOW"))
+	return BUFFER_OVERFLOW;
+      if (name.equals ("OK"))
+	return OK;
+      if (name.equals ("CLOSED"))
+	return CLOSED;
+      throw new IllegalArgumentException (name);
+    }
+  }
+
+  /**
+   * An enumeration of possible handshake status states.
+   */
+  public static class HandshakeStatus extends PseudoEnum // FIXME ENUM 1.5
+  {
+
+    /**
+     * Not currently handshaking.
+     */
+    public static final HandshakeStatus NOT_HANDSHAKING = new HandshakeStatus (0, "NOT_HANDSHAKING");
+
+    /**
+     * The handshake is finished.
+     */
+    public static final HandshakeStatus FINISHED = new HandshakeStatus (1, "FINISHED");
+
+    /**
+     * Needs the status of one or more delegated tasks.
+     */
+    public static final HandshakeStatus NEED_TASK = new HandshakeStatus (2, "NEED_TASK");
+
+    /**
+     * Has data prepared for output, and needs a new call to
+     * <code>wrap</code>.
+     */
+    public static final HandshakeStatus NEED_WRAP = new HandshakeStatus (3, "NEED_WRAP");
+
+    /**
+     * Is waiting for more input.
+     */
+    public static final HandshakeStatus NEED_UNWRAP = new HandshakeStatus (4, "NEED_UNWRAP");
+
+    private HandshakeStatus (final int ordinal, final String name)
+    {
+      super (ordinal, name, HandshakeStatus.class);
+    }
+
+    public static HandshakeStatus[] values ()
+    {
+      return new HandshakeStatus[] { NOT_HANDSHAKING, FINISHED, NEED_TASK,
+				     NEED_WRAP, NEED_UNWRAP };
+    }
+
+    public static HandshakeStatus valueOf (final String name)
+    {
+      if (name.equals ("NOT_HANDSHAKING"))
+	return NOT_HANDSHAKING;
+      if (name.equals ("FINISHED"))
+	return FINISHED;
+      if (name.equals ("NEED_TASK"))
+	return NEED_TASK;
+      if (name.equals ("NEED_WRAP"))
+	return NEED_WRAP;
+      if (name.equals ("NEED_UNWRAP"))
+	return NEED_UNWRAP;
+      throw new IllegalArgumentException (name);
+    }
+  }
+
+
+
+  /**
+   * Returns the number of bytes consumed by the previous operation.
+   *
+   * @return The number of bytes consumed.
+   */
+  public int bytesConsumed ()
+  {
+    return bytesConsumed;
+  }
+
+  /**
+   * Returns the number of bytes produced by the previous operation.
+   *
+   * @return The number of bytes produced.
+   */
+  public int bytesProduced ()
+  {
+    return bytesProduced;
+  }
+
+  /**
+   * Returns the handshake status.
+   *
+   * @return The handshake status.
+   */
+  public HandshakeStatus getHandshakeStatus ()
+  {
+    return handshakeStatus;
+  }
+
+  /**
+   * Returns the connection status.
+   *
+   * @return The connection status.
+   */
+  public Status getStatus ()
+  {
+    return status;
+  }
+
+  public String toString ()
+  {
+    return (super.toString () + " [ status: " + status + "; handshakeStatus: "
+	    + handshakeStatus + "; bytesConsumed: " + bytesConsumed
+	    + "; bytesProduced: " + bytesProduced + " ]");
+  }
+}
--- /dev/null	2005-09-12 21:58:38.000000000 -0700
+++ javax/net/ssl/X509ExtendedKeyManager.java	2005-09-12 22:09:05.000000000 -0700
@@ -0,0 +1,99 @@
+/* X509ExtendedKeyManager.java -- 
+   Copyright (C) 2005  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License along
+with GNU Classpath; if not, write to the
+
+   Free Software Foundation, Inc.,
+   59 Temple Place, Suite 330,
+   Boston, MA  02111-1307
+   USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under terms
+of your choice, provided that you also meet, for each linked independent
+module, the terms and conditions of the license of that module.  An
+independent module is a module which is not derived from or based on
+this library.  If you modify this library, you may extend this exception
+to your version of the library, but you are not obligated to do so.  If
+you do not wish to do so, delete this exception statement from your
+version.  */
+
+
+package javax.net.ssl;
+
+import java.security.Principal;
+
+/**
+ * An extended address@hidden X509KeyManager} for use with address@hidden SSLEngine}.
+ *
+ * @since 1.5
+ * @author Casey Marshall (address@hidden)
+ */
+public abstract class X509ExtendedKeyManager implements X509KeyManager
+{
+
+  /**
+   * Default constructor.
+   */
+  protected X509ExtendedKeyManager ()
+  {
+  }
+
+  /**
+   * Return a client alias given a list of key types, a list of
+   * allowable issuers, and the SSLEngine being used.
+   *
+   * <p>This implementation always returns <code>null</code>.
+   *
+   * @param keyTypes The list of desired key types.
+   * @param issuers The list of desired key issuers.
+   * @param engine This client's SSLEngine.
+   * @return A key alias that matches the given parameters, or
+   * <code>null</code> if the parameters were not matched.
+   */
+  public String chooseEngineClientAlias (final String[] keyTypes,
+                                         final Principal[] issuers,
+                                         final SSLEngine engine)
+  {
+    return null;
+  }
+
+  /**
+   * Return a server alias given a key type, a list of allowable
+   * issuers, and the SSLEngine being used.
+   *
+   * <p>This implementation always returns <code>null</code>.
+   *
+   * @param keyType The desired key type.
+   * @param issuers The list of desired key issuers.
+   * @param engine The server's SSLEngine.
+   * @return A key alias that matches the given parameters, or
+   * <code>null</code> if the parameters were not matched.
+   */
+  public String chooseEngineServerAlias (final String keyType,
+                                         final Principal[] issuers,
+                                         final SSLEngine engine)
+  {
+    return null;
+  }
+}