Cleanup the majority of the warnings in the gnu.java.security, java.security, javax.security and gnu.javax.security classes.

2015-03-11  Andrew John Hughes  <gnu_andrew@member.fsf.org>

	* configure.ac:
	(ECJ_WARNINGS): Turn off parameter assignment,
	autoboxing and overridding without a super method
	call warnings for now.
	* gnu/java/security/OID.java:
	(OID(int[],boolean)): Remove unnecessary cast on clone() call.
	(getIDs()): Likewise.
	(getDER()): Likewise.
	(clone()): Add @Override.
	(toString()): Add @Override. Remove unncessary else clause.
	(hashCode()): Add @Override.
	(equals(Object)): Likewise.
	(compareTo(OID)): Likewise.
	* gnu/java/security/PolicyFile.java:
	(getPermissions(CodeSource)): Add @Override.
	(refresh()): Likewise and on anonymous inner class run() method.
	(toString()): Add @Override.
	(parse(URL)): Throw exception if p is null, and suppress associated
	warning, as exception is thrown via error method. Add default
	empty case to switch method. Call error method with the exception,
	not the result of its toString() method. Remove unneeded else block.
	(expand(String)): Avoid shadowing the prop variable.
	(error(URL,StreamTokenizer,Throwable)): Add new variant that allows
	the cause to be included.
	* gnu/java/security/Properties.java:
	(init()): Avoid unnecessary casts.
	(handleBooleanProperty(String)): Make static.
	* gnu/java/security/action/GetPropertyAction.java:
	(run()): Add @Override.
	* gnu/java/security/action/GetSecurityPropertyAction.java:
	(run()): Add @Override.
	* gnu/java/security/ber/BERReader.java:
	(read()): Add @Override. Remove unnecessary else clause.
	* gnu/java/security/ber/BERValue.java:
	(getLength()): Add @Override.
	* gnu/java/security/der/BitString.java:
	(toByteArray()): Remove unnecessary cast on clone() call.
	(getShiftedByteArray()): Likewise.
	(toBooleanArray()): Likewise.
	(clone(): Add @Override.
	(hashCode()): Likewise.
	(equals(Object)): Likewise.
	(toString()): Likewise.
	* gnu/java/security/der/DERReader.java:
	(makeTime(int,byte[])): Make static. Mark fall-through
	cases in switch statement. Add default case which throws
	an exception.
	* gnu/java/security/der/DERValue.java:
	(DERValue(int,int,Object,byte[])): Remove unnecessary cast on clone() call.
	(getValueAs(int)): Avoid shadowing of encoded variable.
	(getEncoded()): Remove unnecessary cast on clone() call.
	(toString()): Add @Override.
	* gnu/java/security/hash/BaseHash.java:
	(name()): Add @Override.
	(hashSize()): Likewise.
	(blockSize()): Likewise.
	(update(byte)): Likewise.
	(update(byte[])): Likewise.
	(update(byte[],int,int)): Likewise.
	(digest()): Likewise.
	(reset()): Likewise.
	(clone()): Likewise.
	(selfTest()): Likewise.
	* gnu/java/security/hash/Haval.java:
	(Haval(Haval)): Remove unnecessary cast on clone() call.
	(clone()): Add @Override.
	(transform(byte[],int)): Likewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest()): Likewise.
	(tailorDigestBits()): Add empty default case to switch statement.
	(FF5(int,int,int,int,int,int,int,int,int,int)): Make static.
	(f1(int,int,int,int,int,int,int)): Likewise.
	(f2(int,int,int,int,int,int,int)): Likewise.
	(f3(int,int,int,int,int,int,int)): Likewise.
	(f4(int,int,int,int,int,int,int)): Likewise.
	(f5(int,int,int,int,int,int,int)): Likewise.
	* gnu/java/security/hash/MD2.java:
	(MD2(MD2)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise.
	(padBuffer()): Likewise.
	(transform(byte[],int)): LIkewise.
	* gnu/java/security/hash/MD4.java:
	(MD4(MD4)): Remove unncessary casts on clone() call.
	(clone()): Add @Override.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise. Avoid shadowing d variable.
	(padBuffer()): Likewise.
	(transform(byte[],int)): LIkewise.
	* gnu/java/security/hash/MD5.java:
	(MD5(MD5)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(transform(byte[],int)): LIkewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise.
	* gnu/java/security/hash/RipeMD128.java:
	(RipeMD128(RipeMD128)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(transform(byte[],int)): LIkewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise.
	* gnu/java/security/hash/RipeMD160.java:
	(RipeMD160(RipeMD160)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(transform(byte[],int)): LIkewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise.
	* gnu/java/security/hash/Sha160.java:
	(Sha160(Sha160)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(transform(byte[],int)): LIkewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise.
	* gnu/java/security/hash/Sha256.java:
	(Sha256(Sha256)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(transform(byte[],int)): LIkewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise.
	* gnu/java/security/hash/Sha384.java:
	(Sha384(Sha384)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(transform(byte[],int)): LIkewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise.
	* gnu/java/security/hash/Sha512.java:
	(Sha512(Sha512)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(transform(byte[],int)): LIkewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise.
	* gnu/java/security/hash/Tiger.java:
	(Tiger(Tiger)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(selfTest())): Likewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(transform(byte[],int)): LIkewise.
	* gnu/java/security/hash/Whirlpool.java,
	(Whirlpool(Whirlpool)): Remove unnecessary casts on clone() call.
	(clone()): Add @Override.
	(transform(byte[],int)): LIkewise.
	(padBuffer()): Likewise.
	(getResult()): Likewise.
	(resetContext()): Likewise.
	(selfTest())): Likewise.
	* gnu/java/security/jce/hash/MessageDigestAdapter.java:
	(clone()): Add @Override.
	(engineGetDigestLength()): Likewise.
	(engineUpdate(byte)): Likewise.
	(engineUpdate(byte[],int,int)): Likewise.
	(engineDigest()): Likewise.
	(engineDigest(byte[],int,int)): Likewise.
	(engineReset()): Likewise.
	* gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java:
	(initialize(int,SecureRandom)): Add @Override.
	(initialize(AlgorithmParameterSpec,SecureRandom)): Likewise.
	* gnu/java/security/jce/sig/DSSParametersGenerator.java:
	(engineInit(int,SecureRandom)): Add @Override.
	(engineInit(AlgorithmParameterSpec,SecureRandom)): Likewise.
	(engineGenerateParameters()): Likewise.
	* gnu/java/security/jce/sig/EncodedKeyFactory.java:
	(decodeDSSPublicKey(DSAPublicKeySpec)): Make static.
	(decodeRSAPublicKey(RSAPublicKeySpec)): Likewise.
	(decodeDHPublicKey(DHPublicKeySpec)): Likewise.
	(decodeDHPublicKey(byte[]]): Likewise.
	(decodeDSSPrivateKey(DSAPrivateKeySpec)): Likewise.
	(decodeRSAPrivateKey(RSAPrivateCrtKeySpec)): Likewise.
	(decodeDHPrivateKey(DHPrivateKeySpec)): Likewise.
	(decodeDHPrivateKey(byte[])): Likewise.
	* gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java:
	(initialize(int,SecureRandom)): Add Override.
	(initialize(AlgorithmParameterSpec,SecureRandom)): Likewise.
	(generateKeyPair()): Likewise.
	(localiseName(String)): Uncomment conversion.
	* gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java:
	(initialize(int,SecureRandom)): Add Override.
	(initialize(AlgorithmParameterSpec,SecureRandom)): Likewise.
	* gnu/java/security/jce/sig/SignatureAdapter.java:
	Drop unneeded import of BaseSignature.
	(clone()): Add @Override.
	(engineInitVerify(PublicKey)): Reference VERIFIER_KEY via
	interface ISignature where it is defined.
	(engineInitSign(PrivateKey)): Likewise for SIGNER_KEY.
	(engineInitSign(PrivateKey,SecureRandom)): Likewise for
	SIGNER_KEY and SOURCE_OF_RANDOMNESS.
	* gnu/java/security/key/KeyPairCodecFactory.java:
	(getInstance(String,int)): Add default case which returns null.
	(getInstance(Key)): Likewise and fix typo in documentation.
	* gnu/java/security/key/dss/DSSKey.java:
	(getParams()): Add @Override.
	(getAlgorithm()): Likewise.
	(getEncoded()): Likewise.
	(getFormat()): LIkewise.
	(equals(Object)): Likewise.
	(hashCode()): Add implementation using java.util.Objects.hash
	(toString()): Remove unneeded cast.
	* gnu/java/security/key/dss/DSSKeyPairGenerator.java:
	(setup(MAp)): Remove unnecessary else clause.
	(generate()): Remove left-over debug statement.
	* gnu/java/security/key/dss/DSSKeyPairRawCodec.java:
	(getFormatID()): Add @Override.
	(encodePublicKey(PublicKey)): Likewise.
	(decodePublicKey(byte[])): Likewise.
	(encodePrivateKey(PrivateKey)): Likewise.
	(decodePrivateKey(byte[])): Likewise.
	* gnu/java/security/key/dss/DSSKeyPairX509Codec.java:
	(getFormatID()): Add @Override.
	(encodePublicKey(PublicKey)): Likewise.
	(encodePrivateKey(PrivateKey)): Likewise.
	(decodePublicKey(byte[])): Likewise.
	(decodePrivateKey(byte[])): Likewise.
	* gnu/java/security/key/dss/DSSPrivateKey.java:
	Drop unneeded reference to PrivateKey.
	(getX()): Add @Override.
	(getEncoded(int)): Likewise.
	(equals(Object)): Likewise.
	(hashCode()): Implemented.
	(toString()): Add @Override and remove unneeded cast.
	* gnu/java/security/key/dss/DSSPublicKey.java:
	Drop unneeded reference to PublicKey.
	(getY()): Add @Override.
	(getEncoded(int)): Likewise.
	(equals(Object)): Likewise.
	(hashCode()): Implemented.
	(toString()): Add @Override and remove unneeded cast.
	* gnu/java/security/key/rsa/GnuRSAKey.java:
	(getModulus()): Add @Override.
	(getAlgorithm()): Likewise.
	(getEncoded()): Likewise.
	(getFormat()): Likewise.
	(equals(Object)): Likewise.
	(hashCode()): Implemented using java.util.Objects.hash
	(toString()): Add @Override and remove unneeded cast.
	* gnu/java/security/key/rsa/GnuRSAPrivateKey.java:
	Drop unneeded reference to PrivateKey.
	(getPrimeP()): Add @Override.
	(getPrimeQ()): Likewise.
	(getPrimeExponentP()): Likewise.
	(getPrimeExponentQ()): Likewise.
	(getCrtCoefficient()): Likewise.
	(getPrivateExponent()): Likewise.
	(getEncoded(int)): Likewise.
	(equals(Object)): Likewise.
	(hashCode()): Implemented using java.util.Objects.hash.
	(toString()): Add @Override and remove unneeded cast.
	* gnu/java/security/key/rsa/GnuRSAPublicKey.java:
	Drop unneeded reference to PublicKey.
	(getEncoded()): Add @Override.
	(equals(Object)): Likewise.
	(hashCode()): Implemented.
	(toString()): Add @Override and remove unneeded cast.
	* gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java:
	(getFormatID()): Add @Override.
	(encodePublicKey(PublicKey)): Likewise.
	(encodePrivateKey(PrivateKey)): Likewise.
	(decodePublicKey(byte[])): Likewise.
	(decodePrivateKey(byte[])): Likewise.
	* gnu/java/security/key/rsa/RSAKeyPairRawCodec.java:
	(getFormatID()): Add @Override.
	(encodePublicKey(PublicKey)): Likewise.
	(decodePublicKey(byte[])): Likewise.
	(encodePrivateKey(PrivateKey)): Likewise.
	(decodePrivateKey(byte[])): Likewise.
	* gnu/java/security/pkcs/PKCS7SignedData.java:
	(PKCS7SignedData(BERReader)): Refer to constants by
	the interface where they are defined. Rename crls
	to avoid shadowing the class variable.
	* gnu/java/security/pkcs/SignerInfo.java:
	(SignerInfo(BERReader)): Refer to constants by the
	interface where they are defined.
	* gnu/java/security/prng/BasePRNG.java:
	(addRandomBytes(byte[])): Add @Override.
	(addRandomBytes(byte[],int,int)): Likewise. Rename
	buffer to buf to avoid shadowing.
	(clone()): Remove unnecessary cast and this references.
	* gnu/java/security/prng/MDGenerator.java:
	Remove unneeded reference to Cloneable.
	* gnu/java/security/prng/RandomEvent.java:
	(RandomEvent(Object,byte,byte,byte[])): Remove unnecessary cast.
	* gnu/java/security/provider/DefaultPolicy.java:
	(getPermissions(CodeSource)): Add @Override.
	(refresh()): Likewise.
	* gnu/java/security/provider/Gnu.java:
	(Gnu()): Add @Override to run implementation in anonymous inner
	class.
	* gnu/java/security/provider/PKIXCertPathValidatorImpl.java:
	(engineValidate(CertPath,CertPathParameters)): Add @Override. Remove
	unneeded cast and else clause.
	(checkExplicitPolicy(int,List)): Make static.
	* gnu/java/security/provider/X509CertificateFactory.java:
	(generateCert(InputStream)): Make static. Remove unnecessary
	else clause.
	(generateCRL(InputStream)): Likewise.
	* gnu/java/security/sig/SignatureCodecFactory.java:
	(getInstance(String,int)): Add default case to switch statement.
	* gnu/java/security/sig/dss/DSSSignature.java:
	(encodeSignature(BigInteger,BigInteger)): Make static.
	(decodeSignature(Object)): Likewise.
	* gnu/java/security/sig/dss/DSSSignatureRawCodec.java:
	(getFormatID()): Add @Override.
	(encodeSignature(Object)): Likewise.
	(decodeSignature(byte[])): Likewise.
	* gnu/java/security/sig/dss/DSSSignatureX509Codec.java:
	(getFormatID()): Add @Override.
	(encodeSignature(Object)): Likewise.
	(decodeSignature(byte[])): Likewise.
	* gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java:
	(clone()): Add @Override.
	* gnu/java/security/sig/rsa/EMSA_PSS.java:
	(clone()): Add @Override.
	* gnu/java/security/sig/rsa/RSA.java:
	(RSADP(RSAPrivateKey, BigInteger)): Suppress null warning
	as r is always non-null if rsaBlinding is true.
	* gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java:
	(clone()): Add @Override.
	(setupForVerification(PublicKey)): Likewise.
	(setupForSigning(PrivateKey)): Likewise.
	(generateSignature()): Likewise.
	(verifySignature(Object)): Likewise.
	* gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java:
	(getFormatID()): Add @Override.
	(encodeSignature(Object)): Likewise.
	(decodeSignature(byte[])): Likewise.
	* gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java:
	(getFormatID()): Add @Override.
	(encodeSignature(Object)): Likewise.
	(decodeSignature(byte[])): Likewise.
	* gnu/java/security/sig/rsa/RSAPSSSignature.java:
	(clone()): Add @Override.
	(setupForVerification(PublicKey)): Likewise. Remove unnecessary
	cast.
	(setupForSigning(PrivateKey)): Likewise.
	(generateSignature()): Add @Override.
	(verifySignature(Object)): Likewise.
	* gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java:
	(getFormatID()): Add @Override.
	(encodeSignature(Object)): Likewise.
	(decodeSignature(byte[])): Likewise.
	* gnu/java/security/util/ByteArray.java:
	(toString()): Add @Override.
	* gnu/java/security/util/ByteBufferOutputStream.java:
	(toString()): Add @Override.
	* gnu/java/security/util/ExpirableObject.java:
	(destroy()): Add @Override.
	(Destroyer.run()): Likewise.
	* gnu/java/security/util/FormatUtil.java:
	(getEncodingName(int)): Add default case for switch statement.
	(getEncodingShortName(int)): Likewise.
	* gnu/java/security/util/Sequence.java:
	(size()): Add @Override.
	(toArray()): Likewise. Remove unnecessary cast.
	* gnu/java/security/util/SimpleList.java:
	(size()): Add @Override.
	(get(int)): Likewise.
	(toString()): Likewise.
	* gnu/java/security/util/Util.java:
	(toBase64(byte[])): Add default case to switch statement which
	does nothing. Remove unnecessary else clause.
	* gnu/java/security/x509/PolicyNodeImpl.java:
	(addExpectedPolicy(String)): Rename variable to expectedPolicy
	to avoid shadowing policy variable.
	(addAllPolicyQualifiers(Collection)): Rename variable to
	policyQualifiers to avoid shadowing qualifiers variable.
	Rewrite collection check to catch ClassCastException as,
	if it.next() returns normally, it will always be an instance
	of PolicyQualifierInfo.
	(toString()): Add @Override.
	* gnu/java/security/x509/X500DistinguishedName.java:
	(X500DistinguishedName(String)): Throw IOException rather
	than catching it as calling methods in X509CRLSelector
	implementations, addIssuerName(String), expect an
	IOException to be thrown if there is a parsing error.
	(getName()): Add @Override.
	(hashCode()): Likewise.
	(equals(Object)): Likewise.
	(toString()): Likewise.
	(getDer()): Remove unnecessary casts.
	(readAttributeType(Reader)): Make static.
	* gnu/java/security/x509/X509CRL.java:
	(equals(Object)): Add @Override.
	(hashCode()): Likewise.
	(getEncoded()): Remove unnecessary cast.
	(getIssuerX500Principal()): Add @Override.
	(getTBSCertList()): Remove unnecessary cast.
	(getSignature()): Likewise.
	(getSigAlgParams()): Likewise.
	(hasUnsupportedCriticalExtension()): Add @Override.
	(getCriticialExtensionOIDs()): Likewise.
	(getNonCriticalExtensionOIDs()): Likewise.
	(getExtensionValue(String)): Likewise.
	(isRevoked(Certificate)): Likewise. Remove unnecessary
	cast.
	(parse(InputStream)): Remove unnecessary cast.
	* gnu/java/security/x509/X509CRLEntry.java:
	(getEncoded()): Remove unncessary cast.
	(hasUnsupportedCriticalExtension()): Add @Override.
	(getCriticialExtensionOIDs()): Likewise.
	(getNonCriticalExtensionOIDs()): Likewise.
	(getExtensionValue(String)): Likewise.
	* gnu/java/security/x509/X509CRLSelectorImpl.java:
	(addIssuerName(String)): Throw IOException as specified.
	* gnu/java/security/x509/X509CertPath.java:
	(getCertificates()): Add @Override.
	(getEncoded()): Likewise. Remove unnecessary casts.
	(getEncodings()): Add @Override.
	(parse(InputStream, String)): Rename path to parsedPath
	to avoid shadowing.
	* gnu/java/security/x509/X509CertSelectorImpl.java:
	(addIssuerName(String)): Throw IOException as specified.
	* gnu/java/security/x509/X509Certificate.java:
	Remove unneeded Serializable reference.
	(checkValidity()): Add @Override.
	(checkValidity(Date)): Likewise.
	(getVersion()): Likewise.
	(getSerialNumber()): Likewise.
	(getIssuerDN()): Likewise.
	(getIssuerX500Principal()): Likewise.
	(getSubjectDN()): Likewise.
	(getSubjectX500Principal()): Likewise.
	(getNotBefore()): Likewise.
	(getNotAfter()): Likewise.
	(getTBSCertificate()): Likewise. Remove unnecessary cast.
	(getSignature()): Likewise.
	(getSigAlgName()): Add @Override.
	(getSigAlgOID()): Likewise.
	(getSigAlgParams()): Likewise. Remove unnecessary cast.
	(getIssuerUniqueID()): Add @Override.
	(getSubjectUniqueID()): Likewise.
	(getKeyUsage()): Likewise.
	(getExtendedKeyUsage()): Likewise.
	(getBasicConstraints()): Likewise.
	(getSubjectAlternativeNames()): Likewise. Make conversion
	from int to Integer explicit.
	(getIssuerAlternativeNames()): Likewise.
	(hasUnsupportedCriticalExtension()): Add @Override.
	(getCriticialExtensionOIDs()): Likewise.
	(getNonCriticalExtensionOIDs()): Likewise.
	(getExtensionValue(String)): Likewise.
	(getEncoded()): Likewise. Remove unnecessary cast.
	(verify(PublicKey)): Add @Override.
	(verify(PublicKey, String)): Likewise.
	(toString()): Likewise.
	(getPublicKey()): Likewise.
	(parse(InputStream)): Rename encoded to enc to avoid shadowing.
	Avoid unnecessary cast.
	* gnu/java/security/x509/ext/AuthorityKeyIdentifier.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/BasicConstraints.java:
	(getEncoded()): Add @Override. Remove unncessary casts.
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/CRLNumber.java:
	(getEncoded()): Add @Override. Remove unncessary casts.
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/CertificatePolicies.java:
	(CertificatePolicies(List,Map)): Swap empty for-loop
	for a while loop.
	(getEncoded()): Add @Override. Remove unnecessary cast.
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/ExtendedKeyUsage.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/Extension.java:
	(Extension(byte[])): Remove unnecessary cast.
	(getEncoded()): Likewise.
	(toString()): Add @Override.
	(Value.Value(byte[])): Remove unnecessary cast.
	(Value.getEncoded()): Likewise.
	(hashCode()): Add @Override.
	(equals(Object)): Likewise.
	(toString()): Likewise.
	* gnu/java/security/x509/ext/GeneralName.java:
	(Kind.forTag(int)): Add default case.
	(Kind): Remove unnecessary ; on closing brace.
	(GeneralName(Kind,byte[])): Remove unnecessary cast.
	(name()): Likewise.
	(encoded()): Check for null rather than catching exception.
	Remove unnecessary cast.
	(equals(Object)): Add @Override. Avoid unnecessary method call.
	(hashCode()): Implemented using java.util.Objects.hash.
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/GeneralNames.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/GeneralSubtree.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/IssuerAlternativeNames.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/KeyUsage.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/NameConstraints.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/PolicyConstraint.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/PolicyMappings.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/ReasonCode.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/SubjectAlternativeNames.java:
	(toString()): Add @Override.
	* gnu/java/security/x509/ext/SubjectKeyIdentifier.java:
	(getKeyIdentifier()): Remove unnecessary cast.
	(toString()): Add @Override.
	* gnu/javax/security/auth/Password.java:
	(doDestroy): Add @Override. Remove unneeded else block.
	(isDestroyed): Add @Override.
	* gnu/javax/security/auth/callback/AWTCallbackHandler.java:
	(handleChoice(ChoiceCallback)): Add @Override.
	(handleConfirmation(ConfirmationCallback)): Likewise.
	(handleLanguage(LanguageCallback)): Likewise.
	(handleName(NameCallback)): Likewise.
	(handlePassword(PasswordCallback)): Likewise.
	(handleTextInput(TextInputCallback)): Likewise.
	(handleTextOutput(TextOutputCallback)): Likewise.
	(actionPerformed(ActionEvent)): Likewise.
	(windowClosing(WindowEvent)): Likewise.
	(windowOpened(WindowEvent)): Likewise.
	(windowClosed(WindowEvent)): Likewise.
	(windowIconified(WindowEvent)): Likewise.
	(windowDeiconified(WindowEvent)): Likewise.
	(windowActivated(WindowEvent)): Likewise.
	(windowDeactivated(WindowEvent)): Likewise.
	* gnu/javax/security/auth/callback/AbstractCallbackHandler.java:
	(AbstractCallbackHandler(String)): Reference getBundle by class
	where it is implemented (ResourceBundle).
	(handle(Callback[])): Add @Override.
	(handleChoice(ChoiceCallback)): Allow and document an
	UnsupportedCallbackException being thrown.
	(handleConfirmation(ConfirmationCallback)): Likewise.
	(handleLanguage(LanguageCallback)): Likewise.
	(handleName(NameCallback)): Likewise.
	(handlePassword(PasswordCallback)): Likewise.
	(handleTextInput(TextInputCallback)): Likewise.
	(handleTextOutput(TextOutputCallback)): Likewise.
	(handleOther(Callback)): Suppress warnings resulting from
	unused variables, unthrown exceptions and lack of IOException
	being thrown. They are necessary for subclasses.
	* gnu/javax/security/auth/callback/ConsoleCallbackHandler.java:
	(handleChoice(ChoiceCallback)): Add @Override. Drop unnecessary
	cast.
	(handleConfirmation(ConfirmationCallback)): Add @Override.
	(handleLanguage(LanguageCallback)): Likewise.
	(handleName(NameCallback)): Likewise.
	(handlePassword(PasswordCallback)): Likewise.
	(handleTextInput(TextInputCallback)): Likewise.
	(handleTextOutput(TextOutputCallback)): Likewise.
	* gnu/javax/security/auth/callback/DefaultCallbackHandler.java:
	(handleChoice(ChoiceCallback)): Add @Override.
	(handleConfirmation(ConfirmationCallback)): Likewise.
	(handleLanguage(LanguageCallback)): Likewise.
	(handleName(NameCallback)): Likewise.
	(handlePassword(PasswordCallback)): Likewise.
	(handleTextInput(TextInputCallback)): Likewise.
	(handleTextOutput(TextOutputCallback)): Likewise.
	* gnu/javax/security/auth/callback/GnuCallbacks.java:
	(GnuCallbacks()): Add @Override to run() implementation
	in anonymous inner class.
	* gnu/javax/security/auth/callback/SwingCallbackHandler.java:
	(handleChoice(ChoiceCallback)): Add @Override to method
	and methods of anonymous inner classes. Refer to
	constants using interface where they appear.
	(handleConfirmation(ConfirmationCallback)): Add @Override
	to method and methods of anonymous inner class. Declare
	UnsupportedCallbackException as thrown and add default
	cases and fall-through markers to switch statements.
	(handleLanguage(LanguageCallback)): Add @Override. Remove
	unused variable defaultIndex.
	(handleName(NameCallback)): Add @Override to method and
	method of anonymous inner class.
	(handlePassword(PasswordCallback)): Likewise.
	(handleTextInput(TextInputCallback)): Likewise. Refer to
	constants using interface where they appear.
	(handleTextOutput(TextOutputCallback)): Likewise. Declare
	UnsupportedCallbackException as thrown and add default
	case to switch statement.
	(waitForInput(JDialog, Callback)): Make static.
	* gnu/javax/security/auth/login/ConfigFileParser.java:
	(initParser(Reader)): Don't declare IOException as thrown
	as one is never thrown.
	(expandParamValue(String)): Make static.
	* gnu/javax/security/auth/login/GnuConfiguration.java:
	(getAppConfigurationEntry(String)): Add @Override.
	(refresh()): Likewise.
	(getInputStreamFromURL(String)): Make static.
	(parseConfig(InputStream)): Remove unneeded variable.
	(getUserName()): Make static.
	(getConfigFromUserName(File,String)): Likewise.
	* java/security/AccessControlContext.java:
	(equals(Object)): Add @Override.
	(hashCode()): Likewise.
	* java/security/AlgorithmParameters.java:
	(toString()): Add @Override.
	* java/security/AllPermission.java:
	(AllPermission(String,String)): Suppress
	warning about actions variable being unused.
	(implies(Permission)): Add @Override.
	(equals(Object)): Likewise.
	(hashCode()): Likewise.
	(getActions()): Likewise.
	(newPermissionCollection()): Likewise.
	(AllPermissionCollection()): Add public constructor
	to avoid generating a synthetic accessor method.
	* java/security/BasicPermission.java:
	Remove unneeded Serializable reference.
	(BasicPermission(String,String)): Suppress
	warnings about actions variable being unused.
	(getActions()): Add @Override.
	(newPermissionCollection()): Likewise.
	* java/security/Certificate.java:
	Mark with @Deprecated. Fix typo in documentation.
	* java/security/DigestInputStream.java:
	(read()): Add @Override.
	(read(byte[],int,int)): Likewise.
	(toString()): Likewise.
	* java/security/DigestOutputStream.java:
	(write(int)): Add @Override.
	(write(byte[],int,int)): Likewise.
	(toString()): Likewise.
	* java/security/DummyKeyPairGenerator.java:
	(clone()): Add @Override.
	(initialize(int,SecureRandom)): Likewise.
	(initialize(AlgorithmParameterSpec,SecureRandom)):
	Likewise.
	(generateKeyPair()): Likewise.
	* java/security/DummyMessageDigest.java:
	(clone()): Add @Override.
	(engineDigest()): Likewise.
	(engineDigest(byte[],int,int)): Likewise.
	(engineGetDigestLength()): Likewise.
	(engineReset()): Likewise.
	(engineUpdate(byte)): Likewise.
	(engineUpdate(byte[],int,int)): Likewise.
	* java/security/Identity.java:
	Mark as @Deprecated. Fix typo in documentation.
	(getName()): Add @Override.
	(equals(Object)): Likewise.
	(toString()): Likewise.
	(toString(boolean)): Remove unnecessary else clause.
	(hashCode()): Add @Override.
	* java/security/IdentityScope.java:
	Mark as @Deprecated.
	(toString()): Add @Override.
	* java/security/IntersectingDomainCombiner.java:
	(combine(ProtectionDomain[],ProtectionDomain[])):
	Add @Override.
	* java/security/KeyPairGenerator.java:
	(generateKeyPair()): Add @Override.
	* java/security/KeyPairGeneratorSpi.java:
	(initialize(AlgorithmParameterSpec,SecureRandom)):
	Suppress warning about making this method static.
	Intended to be overridden by subclasses.
	(clone()): Add @Override.
	* java/security/KeyStore.java:
	(getInstance(String,Provider)): Fix typo in documentation.
	(getDefaultType()): Add @Override to run() in anonymous
	inner class.
	* java/security/MessageDigest.java:
	(toString()): Add @Override.
	(clone()): Likewise.
	* java/security/MessageDigestSpi.java:
	(engineGetDigestLength()): Suppress warning about
	making this method static. Intended to be overridden
	by subclasses.
	(clone()): Add @Override.
	* java/security/Permission.java:
	(checkGuard(Object)): Add @Override.
	(equals(Object)): Likewise.
	(hashCode()): Likewise.
	(newPermissionCollection()): Likewise.
	(toString()): Likewise.
	* java/security/PermissionCollection.java:
	(toString()): Add @Override.
	* java/security/Permissions.java:
	Remove unneeded Serializable reference.
	(elements()): Add @Override to hasMoreElements
	and nextElement methods in anonymous inner class.
	(PermissionsHash.PermissionsHash()): Add explicit
	constructor to avoid a synthetic accessor method.
	(add(Permission)): Mark synchronized.
	(implies(Permission)): Likewise.
	* java/security/Policy.java:
	(implies(ProtectionDomain,Permission)): Remove
	unnecessary cast.
	* java/security/Principal.java:
	(equals(Object)): Add @Override.
	(toString()): Likewise.
	(hashCode()): Likewise.
	* java/security/PrivilegedActionException.java:
	(getCause()): Add @Override.
	(toString()): Removed; pointless as it just calls
	superclass version.
	* java/security/ProtectionDomain.java:
	(ProtectionDomain(CodeSource,PermissionCollection,
	ClassLoader,Principal[],boolean)): Remove unnecessary
	cast.
	(getPrincipals()): Add @Override.
	(toString()): Likewise.
	* java/security/Provider.java:
	Remove unneeded Serializable reference.
	(put(Object,Object)): Add @Override. Suppress warnings
	about overridding a synchronized method as all collection
	modifications are made in synchronized superclass method.
	(get(Object)): Likewise.
	(remove(Object)): Likewise.
	(clear()): Likewise.
	(toString()): Add @Override. Suppress warning about
	overridding a synchronized method as the collection isn't
	used.
	(toCanonicalKey(Object)): Make static.
	* java/security/SecureClassLoader.java:
	(getPermissions(CodeSource)): Suppress warning about
	making this method static; may potentially be overridden
	by subclasses. Avoid unnecessary variable policy.
	* java/security/SecureRandom.java:
	(setSeed(byte[])): Make synchronized to prevent
	concurrent access to secureRandomSpi.
	(setSeed(long)): Add @Override and make synchronized.
	(nextBytes(byte[])): Likewise.
	(next(int)): Likewise.
	(generateSeed(byte[])): Make synchronized.
	* java/security/Security.java:
	(getAlgorithmProperty(String,String)): Add @Deprecated.
	(getProvider(String)): Remove unnecessary else clause.
	(getAlgorithm(String)): Use provs instead of providers
	to avoid shadowing class variable.
	(provides(Provider,String,String,String,String)): Set
	serviceDotAlgorithm to the empty string to avoid null
	pointer issues.
	* java/security/SecurityPermission.java:
	(SecurityPermission(String,String)): Suppress warning
	due to nothing being done with actions.
	* java/security/Signature.java:
	(sign()): Remove unnecessary else clause.
	(sign(byte[],int,int)): Likewise.
	(verify(byte[])): Likewise.
	(toString()): Mark @Override.
	(setParameter(String,Object)): Add @Deprecated.
	(getParameter(String)): Likewise.
	(clone()): Add @Override.
	* java/security/SignatureSpi.java:
	(engineSetParameter(String,Object)): Add @Deprecated.
	(engineSetParameter(AlgorithmParameterSpec)): Suppress
	warnings about unused variables, unthrown exceptions and
	ability to be a static method. Subclasses override this.
	(engineGetParameters()): Suppress warnings about making
	this method static.
	(engineGetParameter(String)): Add @Deprecated.
	* java/security/SignedObject.java:
	(getSignature()): Remove unnecessary cast.
	(readObject(ObjectInputStream)): Likewise x 2.
	* java/security/Signer.java:
	Mark as @Deprecated.
	(toString()): Add @Override.
	* java/security/UnresolvedPermission.java:
	(getUnresolvedCerts()): Remove unnecessaary cast.
	(UnresolvedPermissionCollection.elements()):
	Add @Override to hasMoreElements and nextElement.
	* java/security/acl/Acl.java:
	(toString()): Add @Override.
	* java/security/acl/AclEntry.java:
	(setPrincipal(Principal)): Fix formatting of documentation.
	(addPermission(Permission)): Likewise.
	(removePermission(Permission)): Likewise.
	(checkPermission(Permission)): Likewise.
	(toString()): Add @Override.
	* java/security/acl/Permission.java:
	(equals(Object)): Add @Override.
	(toString()): Likewise.
	* java/security/cert/CRL.java:
	(toString()): Add @Override.
	* java/security/cert/CertPath.java:
	(equals(Object)): Add @Override.
	(hashCode()): Likewise.
	(toString()): Likewise.
	* java/security/cert/CertPathBuilderException.java:
	(CertPathBuilderException(Throwable)): Just call
	superclass constructor.
	(CertPathBuilderException(String,Throwable)): Likewise.
	(getMessage()): Removed; provided by superclass.
	(getCause()): Likewise.
	(toString()): Likewise.
	(printStackTrace()): Likewise.
	(printStackTrace(PrintStream)): Likewise.
	(printStackTrace(PrintWriter)): Likewise.
	* java/security/cert/CertPathValidatorException.java:
	(CertPathValidatorException(String,Throwable)): Just call
	superclass with both arguments, rather than initCause.
	(getMessage()): Removed; provided by superclass.
	(getCause()): Likewise.
	(toString()): Likewise.
	(printStackTrace()): Likewise.
	(printStackTrace(PrintStream)): Likewise.
	(printStackTrace(PrintWriter)): Likewise.
	* java/security/cert/CertStoreException.java:
	(CertStoreException(Throwable)): Just call superclass
	constructor.
	(CertStoreException(String,Throwable)): Likewise.
	(getMessage()): Removed; provided by superclass.
	(getCause()): Likewise.
	(toString()): Likewise.
	(printStackTrace()): Likewise.
	(printStackTrace(PrintStream)): Likewise.
	(printStackTrace(PrintWriter)): Likewise.
	* java/security/cert/CertStoreSpi.java:
	(CertStoreSpi(CertStoreParameters)): Suppress warnings
	about exception not being thrown. Present for subclasses.
	* java/security/cert/Certificate.java:
	(equals(Object)): Add @Override.
	(hashCode()): Likewise.
	(toString()): Likewise.
	* java/security/cert/CertificateFactorySpi.java:
	(engineGenerateCertPath(InputStream)): Suppress warnings
	about unused arguments, exceptions not being thrown and
	method can be static. Provided for subclass implementations.
	(engineGenerateCertPath(InputStream,String)): Likewise.
	(engineGenerateCertPath(List)): Likewise.
	(engineGetCertPathEncodings()): Likewise.
	* java/security/cert/CollectionCertStoreParameters.java:
	(toString()): Add @Override.
	* java/security/cert/LDAPCertStoreParameters.java:
	(clone()): Add @Override.
	(toString()): Likewise.
	* java/security/cert/PKIXBuilderParameters.java:
	(toString()): Likewise.
	* java/security/cert/PKIXCertPathBuilderResult.java:
	(getCertPath()): Add @Override.
	(toString()): Likewise.
	* java/security/cert/PKIXCertPathChecker.java:
	(clone()): Add @Override.
	* java/security/cert/PKIXCertPathValidatorResult.java:
	(clone()): Add @Override.
	(toString()): Likewise.
	* java/security/cert/PKIXParameters.java:
	(clone()): Add @Overrride.
	(toString()): Likewise.
	* java/security/cert/PolicyQualifierInfo.java:
	(PolicyQualifierInfo(byte[])): Remove unnecessary cast.
	(getEncoded()): Likewise.
	(toString()): Add @Override.
	* java/security/cert/TrustAnchor.java:
	(TrustAnchor(X509Certificate,byte[])): Remove unnecessary cast.
	(TrustAnchor(String,PublicKey,byte[])): Document exceptions.
	Catch IOException and throw as IllegalArgumentException.
	Remove unnecessary casts.
	(toString()): Add @Override.
	* java/security/cert/X509CRL.java:
	(equals(Object)): Add @Override.
	(hashCode()): Likewise.
	(getIssuerX500Principal()): Suppress warning about making this
	static. Should be overridden by subclasses.
	* java/security/cert/X509CRLEntry.java:
	(equals(Object):: Add @Override.
	(hashCode()): Likewise.
	(toString()): Likewise.
	* java/security/cert/X509CRLSelector.java:
	Remove unneeded Cloneable reference.
	(getIssuerNames()): Remove unneeded else block.
	(toString()): Add @Override.
	(match(CRL)): Likewise.
	(clone()): LIkewise.
	* java/security/cert/X509CertSelector.java:
	Remove unneeded Cloneable reference.
	(makeName(int,String)): Re-use earlier result of Kind.forTag(id).
	Add default case.
	(clone()): Add @Override.
	(getAuthorityKeyIdentifier()): Remove unneeded else block
	and cast.
	(getCertificateValid()): Remove unneeded else block.
	(getExtendedKeyUsage()): Likewise.
	(getIssuerAsBytes()): Likewise.
	(getIssuerAsString()): Likewise.
	(getKeyUsage()): Likewise and remove unneeded cast.
	(getNameConstraints()): Likewise.
	(getPathToNames()): Explicitly convert int to Integer.
	(getPrivateKeyValid()): Suppress static method warning.
	Method is deliberately useless.
	(getSubjectAlternativeNames()): Explicitly convert int to
	Integer.
	(getSubjectAsBytes()): Remove unneeded else block.
	(getSubjectAsString()): Likewise.
	(getSubjectKeyIdentifier()): Likewise and remove unneeded
	cast.
	(match(Certificate)): Add @Override. Rename cert to other
	to avoid shadowing.
	(setNameConstraints(byte[])): Remove unnecessary cast.
	Suppress warnings about NameConstraints instance being unused.
	(setPrivateKeyValid()): Suppress unused variable warning.
	Method is deliberately useless.
	(setSubjectPublicKey(PublicKey)): Remove unneeded cast.
	(toString()): Add @Override.
	* java/security/cert/X509Certificate.java:
	(getExtendedKeyUsage()): Suppress unthrown exception warning
	and static method suggestion. Overridden by subclasses.
	(getSubjectAlternativeNames()): Likewise.
	(getIssuerAlternativeNames()): Likewise.
	(getSubjectX500Principal()): Suppress static method suggestion.
	Overridden by subclasses.
	(getIssuerX500Principal()): Likewise.
	* java/security/spec/DSAParameterSpec.java:
	(getP()): Add @Override.
	(getQ()): Likewise.
	(getG()): Likewise.
	* java/security/spec/PKCS8EncodedKeySpec.java:
	(getEncoded()): Add @Override.
	(getFormat()): Likewise.
	* java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java:
	(RSAMultiPrimePrivateCrtKeySpec(BigInteger,BigInteger,BigInteger,
	BigInteger,BigInteger,BigInteger,BigInteger,BigInteger,
	RSAOtherPrimeInfo[])): Remove unneeded else block.
	* java/security/spec/X509EncodedKeySpec.java:
	(getEncoded()): Add @Override.
	(getFormat()): Likewise.
	* javax/security/auth/Policy.java:
	Add @Deprecated.
	* javax/security/auth/PrivateCredentialPermission.java:
	Remove unneeded Serializable reference.
	(equals(Object)): Add @Override. Rename principals to
	thisPrincipals to avoid shadowing.
	(getActions()): Add @Override.
	(hashCode()): Likewise.
	(implies(Permission)): Likewise. Rename principals to
	thisPrincipals to avoid shadowing.
	(newPermissionCollection()): Add @Override to method
	and anonymous inner class implementations of equals(Object) &
	hashCode().
	* javax/security/auth/SubjectDomainCombiner.java:
	(combine(ProtectionDomain[],ProtectionDomain[])): Add @Override.
	* javax/security/auth/callback/ConfirmationCallback.java:
	(setOptions(String[],int)): Move reference to options.length to
	after options null check.
	* javax/security/auth/kerberos/KerberosKey.java:
	Remove unneeded Serializable reference.
	(getAlgorithm()): Add @Override.
	(getFormat()): Likewise.
	(getEncoded()): Likewise and remove unnecessary cast.
	(destroy()): Add @Override.
	(isDestroyed()): Likewise.
	(toString()): Likewise.
	* javax/security/auth/kerberos/KerberosPrincipal.java:
	(getName()): Add @Override.
	(hashCode()): Likewise.
	(equals(Object)): Likewise.
	(toString()): Likewise.
	* javax/security/auth/kerberos/KerberosTicket.java:
	(asn1Encoding): Remove @SuppressWarnings.
	(KerberosTicket(byte[],KerberosPrincipal,KerberosPrincipal,
	byte[],int,boolean[],Date,Date,Date,Date,InetAddress[])):
	Remove unnecessary cast. Remove duplicate assignment to flags.
	(destroy()): Add @Override.
	(isDestroyed()): Likewise.
	(isCurrent()): Likewise.
	(refresh()): Likewise.
	(getFlags()): Remove unnecessary cast.
	(getEncoded()): Likewise.
	(toString()): Add @Override.
	* javax/security/auth/kerberos/KeyImpl.java:
	Remove unneeded Serializable reference.
	(KeyImpl(byte[],int)): Remove unnecessary cast.
	(getAlgorithm()): Add @Override.
	(getEncoded()): Likewise.
	(getFormat()): Likewise.
	(toString()): Likewise.
	* javax/security/auth/login/AppConfigurationEntry.java:
	(toString()): Add @Override.
	(LoginModuleControlFlag.toString()): Likewise.
	* javax/security/auth/login/Configuration.java:
	(getConfig()): Use GetSecurityPropertyAction rather than
	a bespoke PrivilegedAction implementation.
	* javax/security/auth/login/LoginContext.java:
	(LoginContext(String,Subject,CallbackHandler,Configuration)):
	Rename entries to appEntries to avoid shadowing.
	(lookupModule(AppConfigurationEntry,Subject,Map)): Rename
	subject to subj to avoid shadowing. Check module is null
	rather than cause is non-null.
	* javax/security/auth/login/NullConfiguration.java:
	(getAppConfigurationEntry(String)): Add @Override.
	(refresh()): Likewise.
	* javax/security/auth/x500/X500Principal.java:
	(hashCode()): Add @Override.
	(equals(Object)): Likewise.
	(getEncoded()): Remove unnecessary cast.
	(getName()): Add @Override.
	(toString()): Likewise.
	(readAttributeType(Reader)): Make static.
	(parseDer(InputStream)): Rename encoded to encodedStream to
	avoid shadowing.
	* javax/security/auth/x500/X500PrivateCredential.java:
	(destroy()): Add @Override.
	(isDestroyed()): Likewise.
	* javax/security/cert/Certificate.java:
	(equals(Object)): Add @Override.
	(hashCode()): Likewise.
	(toString()): Likewise.
	* javax/security/cert/X509CertBridge.java:
	(getEncoded()): Add @Override.
	(verify(PublicKey)): Likewise.
	(verify(PublicKey,String)): Likewise.
	(toString()): Likewise.
	(getPublicKey()): Likewise.
	(checkValidity()): Likewise.
	(checkValidity(Date)): Likewise.
	(getVersion()): Likewise.
	(getSerialNumber()): Likewise.
	(getIssuerDN()): Likewise.
	(getSubjectDN()): Likewise.
	(getNotBefore()): Likewise.
	(getNotAfter()): Likewise.
	(getSigAlgName()): Likewise.
	(getSigAlgOID()): Likewise.
	(getSigAlgParams()): Likewise.
	* javax/security/sasl/Sasl.java:
	(createSaslClient(String[],String,String,String,Map,CallbackHandler)):
	Remove unnecessary else clause and pointless result assignment.
	(createSaslServer(String,String,String,Map,CallbackHandler)): Likewise.
	* javax/security/sasl/SaslException.java:
	Remove unneeded Serializable reference.
	(SaslException(String,Throwable)): Add cause to superclass call.
	(getCause()): Add @Override.
	(printStackTrace()): Removed; provided by superclass.
	(printStackTrace(PrintStream)): Likewise.
	(printStackTrace(PrintWriter)): Likewise.
	(initCause(Throwable)): Call superclass version, then sync the
	local copy.
	(toString()): Add @Override.

188 files changed, 2349 insertions, 895 deletions

diff --git a/ChangeLog b/ChangeLog
index 0484be28d..80c70654f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,1050 @@
+2015-03-11  Andrew John Hughes  <gnu_andrew@member.fsf.org>
+
+	* configure.ac:
+	(ECJ_WARNINGS): Turn off parameter assignment,
+	autoboxing and overridding without a super method
+	call warnings for now.
+	* gnu/java/security/OID.java:
+	(OID(int[],boolean)): Remove unnecessary cast on clone() call.
+	(getIDs()): Likewise.
+	(getDER()): Likewise.
+	(clone()): Add @Override.
+	(toString()): Add @Override. Remove unncessary else clause.
+	(hashCode()): Add @Override.
+	(equals(Object)): Likewise.
+	(compareTo(OID)): Likewise.
+	* gnu/java/security/PolicyFile.java:
+	(getPermissions(CodeSource)): Add @Override.
+	(refresh()): Likewise and on anonymous inner class run() method.
+	(toString()): Add @Override.
+	(parse(URL)): Throw exception if p is null, and suppress associated
+	warning, as exception is thrown via error method. Add default
+	empty case to switch method. Call error method with the exception,
+	not the result of its toString() method. Remove unneeded else block.
+	(expand(String)): Avoid shadowing the prop variable.
+	(error(URL,StreamTokenizer,Throwable)): Add new variant that allows
+	the cause to be included.
+	* gnu/java/security/Properties.java:
+	(init()): Avoid unnecessary casts.
+	(handleBooleanProperty(String)): Make static.
+	* gnu/java/security/action/GetPropertyAction.java:
+	(run()): Add @Override.
+	* gnu/java/security/action/GetSecurityPropertyAction.java:
+	(run()): Add @Override.
+	* gnu/java/security/ber/BERReader.java:
+	(read()): Add @Override. Remove unnecessary else clause.
+	* gnu/java/security/ber/BERValue.java:
+	(getLength()): Add @Override.
+	* gnu/java/security/der/BitString.java:
+	(toByteArray()): Remove unnecessary cast on clone() call.
+	(getShiftedByteArray()): Likewise.
+	(toBooleanArray()): Likewise.
+	(clone(): Add @Override.
+	(hashCode()): Likewise.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	* gnu/java/security/der/DERReader.java:
+	(makeTime(int,byte[])): Make static. Mark fall-through
+	cases in switch statement. Add default case which throws
+	an exception.
+	* gnu/java/security/der/DERValue.java:
+	(DERValue(int,int,Object,byte[])): Remove unnecessary cast on clone() call.
+	(getValueAs(int)): Avoid shadowing of encoded variable.
+	(getEncoded()): Remove unnecessary cast on clone() call.
+	(toString()): Add @Override.
+	* gnu/java/security/hash/BaseHash.java:
+	(name()): Add @Override.
+	(hashSize()): Likewise.
+	(blockSize()): Likewise.
+	(update(byte)): Likewise.
+	(update(byte[])): Likewise.
+	(update(byte[],int,int)): Likewise.
+	(digest()): Likewise.
+	(reset()): Likewise.
+	(clone()): Likewise.
+	(selfTest()): Likewise.
+	* gnu/java/security/hash/Haval.java:
+	(Haval(Haval)): Remove unnecessary cast on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): Likewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest()): Likewise.
+	(tailorDigestBits()): Add empty default case to switch statement.
+	(FF5(int,int,int,int,int,int,int,int,int,int)): Make static.
+	(f1(int,int,int,int,int,int,int)): Likewise.
+	(f2(int,int,int,int,int,int,int)): Likewise.
+	(f3(int,int,int,int,int,int,int)): Likewise.
+	(f4(int,int,int,int,int,int,int)): Likewise.
+	(f5(int,int,int,int,int,int,int)): Likewise.
+	* gnu/java/security/hash/MD2.java:
+	(MD2(MD2)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	(padBuffer()): Likewise.
+	(transform(byte[],int)): LIkewise.
+	* gnu/java/security/hash/MD4.java:
+	(MD4(MD4)): Remove unncessary casts on clone() call.
+	(clone()): Add @Override.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise. Avoid shadowing d variable.
+	(padBuffer()): Likewise.
+	(transform(byte[],int)): LIkewise.
+	* gnu/java/security/hash/MD5.java:
+	(MD5(MD5)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/RipeMD128.java:
+	(RipeMD128(RipeMD128)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/RipeMD160.java:
+	(RipeMD160(RipeMD160)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Sha160.java:
+	(Sha160(Sha160)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Sha256.java:
+	(Sha256(Sha256)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Sha384.java:
+	(Sha384(Sha384)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Sha512.java:
+	(Sha512(Sha512)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Tiger.java:
+	(Tiger(Tiger)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(selfTest())): Likewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(transform(byte[],int)): LIkewise.
+	* gnu/java/security/hash/Whirlpool.java,
+	(Whirlpool(Whirlpool)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/jce/hash/MessageDigestAdapter.java:
+	(clone()): Add @Override.
+	(engineGetDigestLength()): Likewise.
+	(engineUpdate(byte)): Likewise.
+	(engineUpdate(byte[],int,int)): Likewise.
+	(engineDigest()): Likewise.
+	(engineDigest(byte[],int,int)): Likewise.
+	(engineReset()): Likewise.
+	* gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java:
+	(initialize(int,SecureRandom)): Add @Override.
+	(initialize(AlgorithmParameterSpec,SecureRandom)): Likewise.
+	* gnu/java/security/jce/sig/DSSParametersGenerator.java:
+	(engineInit(int,SecureRandom)): Add @Override.
+	(engineInit(AlgorithmParameterSpec,SecureRandom)): Likewise.
+	(engineGenerateParameters()): Likewise.
+	* gnu/java/security/jce/sig/EncodedKeyFactory.java:
+	(decodeDSSPublicKey(DSAPublicKeySpec)): Make static.
+	(decodeRSAPublicKey(RSAPublicKeySpec)): Likewise.
+	(decodeDHPublicKey(DHPublicKeySpec)): Likewise.
+	(decodeDHPublicKey(byte[]]): Likewise.
+	(decodeDSSPrivateKey(DSAPrivateKeySpec)): Likewise.
+	(decodeRSAPrivateKey(RSAPrivateCrtKeySpec)): Likewise.
+	(decodeDHPrivateKey(DHPrivateKeySpec)): Likewise.
+	(decodeDHPrivateKey(byte[])): Likewise.
+	* gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java:
+	(initialize(int,SecureRandom)): Add Override.
+	(initialize(AlgorithmParameterSpec,SecureRandom)): Likewise.
+	(generateKeyPair()): Likewise.
+	(localiseName(String)): Uncomment conversion.
+	* gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java:
+	(initialize(int,SecureRandom)): Add Override.
+	(initialize(AlgorithmParameterSpec,SecureRandom)): Likewise.
+	* gnu/java/security/jce/sig/SignatureAdapter.java:
+	Drop unneeded import of BaseSignature.
+	(clone()): Add @Override.
+	(engineInitVerify(PublicKey)): Reference VERIFIER_KEY via
+	interface ISignature where it is defined.
+	(engineInitSign(PrivateKey)): Likewise for SIGNER_KEY.
+	(engineInitSign(PrivateKey,SecureRandom)): Likewise for
+	SIGNER_KEY and SOURCE_OF_RANDOMNESS.
+	* gnu/java/security/key/KeyPairCodecFactory.java:
+	(getInstance(String,int)): Add default case which returns null.
+	(getInstance(Key)): Likewise and fix typo in documentation.
+	* gnu/java/security/key/dss/DSSKey.java:
+	(getParams()): Add @Override.
+	(getAlgorithm()): Likewise.
+	(getEncoded()): Likewise.
+	(getFormat()): LIkewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Add implementation using java.util.Objects.hash
+	(toString()): Remove unneeded cast.
+	* gnu/java/security/key/dss/DSSKeyPairGenerator.java:
+	(setup(MAp)): Remove unnecessary else clause.
+	(generate()): Remove left-over debug statement.
+	* gnu/java/security/key/dss/DSSKeyPairRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodePublicKey(PublicKey)): Likewise.
+	(decodePublicKey(byte[])): Likewise.
+	(encodePrivateKey(PrivateKey)): Likewise.
+	(decodePrivateKey(byte[])): Likewise.
+	* gnu/java/security/key/dss/DSSKeyPairX509Codec.java:
+	(getFormatID()): Add @Override.
+	(encodePublicKey(PublicKey)): Likewise.
+	(encodePrivateKey(PrivateKey)): Likewise.
+	(decodePublicKey(byte[])): Likewise.
+	(decodePrivateKey(byte[])): Likewise.
+	* gnu/java/security/key/dss/DSSPrivateKey.java:
+	Drop unneeded reference to PrivateKey.
+	(getX()): Add @Override.
+	(getEncoded(int)): Likewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented.
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/dss/DSSPublicKey.java:
+	Drop unneeded reference to PublicKey.
+	(getY()): Add @Override.
+	(getEncoded(int)): Likewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented.
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/rsa/GnuRSAKey.java:
+	(getModulus()): Add @Override.
+	(getAlgorithm()): Likewise.
+	(getEncoded()): Likewise.
+	(getFormat()): Likewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented using java.util.Objects.hash
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/rsa/GnuRSAPrivateKey.java:
+	Drop unneeded reference to PrivateKey.
+	(getPrimeP()): Add @Override.
+	(getPrimeQ()): Likewise.
+	(getPrimeExponentP()): Likewise.
+	(getPrimeExponentQ()): Likewise.
+	(getCrtCoefficient()): Likewise.
+	(getPrivateExponent()): Likewise.
+	(getEncoded(int)): Likewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented using java.util.Objects.hash.
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/rsa/GnuRSAPublicKey.java:
+	Drop unneeded reference to PublicKey.
+	(getEncoded()): Add @Override.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented.
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java:
+	(getFormatID()): Add @Override.
+	(encodePublicKey(PublicKey)): Likewise.
+	(encodePrivateKey(PrivateKey)): Likewise.
+	(decodePublicKey(byte[])): Likewise.
+	(decodePrivateKey(byte[])): Likewise.
+	* gnu/java/security/key/rsa/RSAKeyPairRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodePublicKey(PublicKey)): Likewise.
+	(decodePublicKey(byte[])): Likewise.
+	(encodePrivateKey(PrivateKey)): Likewise.
+	(decodePrivateKey(byte[])): Likewise.
+	* gnu/java/security/pkcs/PKCS7SignedData.java:
+	(PKCS7SignedData(BERReader)): Refer to constants by
+	the interface where they are defined. Rename crls
+	to avoid shadowing the class variable.
+	* gnu/java/security/pkcs/SignerInfo.java:
+	(SignerInfo(BERReader)): Refer to constants by the
+	interface where they are defined.
+	* gnu/java/security/prng/BasePRNG.java:
+	(addRandomBytes(byte[])): Add @Override.
+	(addRandomBytes(byte[],int,int)): Likewise. Rename
+	buffer to buf to avoid shadowing.
+	(clone()): Remove unnecessary cast and this references.
+	* gnu/java/security/prng/MDGenerator.java:
+	Remove unneeded reference to Cloneable.
+	* gnu/java/security/prng/RandomEvent.java:
+	(RandomEvent(Object,byte,byte,byte[])): Remove unnecessary cast.
+	* gnu/java/security/provider/DefaultPolicy.java:
+	(getPermissions(CodeSource)): Add @Override.
+	(refresh()): Likewise.
+	* gnu/java/security/provider/Gnu.java:
+	(Gnu()): Add @Override to run implementation in anonymous inner
+	class.
+	* gnu/java/security/provider/PKIXCertPathValidatorImpl.java:
+	(engineValidate(CertPath,CertPathParameters)): Add @Override. Remove
+	unneeded cast and else clause.
+	(checkExplicitPolicy(int,List)): Make static.
+	* gnu/java/security/provider/X509CertificateFactory.java:
+	(generateCert(InputStream)): Make static. Remove unnecessary
+	else clause.
+	(generateCRL(InputStream)): Likewise.
+	* gnu/java/security/sig/SignatureCodecFactory.java:
+	(getInstance(String,int)): Add default case to switch statement.
+	* gnu/java/security/sig/dss/DSSSignature.java:
+	(encodeSignature(BigInteger,BigInteger)): Make static.
+	(decodeSignature(Object)): Likewise.
+	* gnu/java/security/sig/dss/DSSSignatureRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/sig/dss/DSSSignatureX509Codec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java:
+	(clone()): Add @Override.
+	* gnu/java/security/sig/rsa/EMSA_PSS.java:
+	(clone()): Add @Override.
+	* gnu/java/security/sig/rsa/RSA.java:
+	(RSADP(RSAPrivateKey, BigInteger)): Suppress null warning
+	as r is always non-null if rsaBlinding is true.
+	* gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java:
+	(clone()): Add @Override.
+	(setupForVerification(PublicKey)): Likewise.
+	(setupForSigning(PrivateKey)): Likewise.
+	(generateSignature()): Likewise.
+	(verifySignature(Object)): Likewise.
+	* gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/sig/rsa/RSAPSSSignature.java:
+	(clone()): Add @Override.
+	(setupForVerification(PublicKey)): Likewise. Remove unnecessary
+	cast.
+	(setupForSigning(PrivateKey)): Likewise.
+	(generateSignature()): Add @Override.
+	(verifySignature(Object)): Likewise.
+	* gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/util/ByteArray.java:
+	(toString()): Add @Override.
+	* gnu/java/security/util/ByteBufferOutputStream.java:
+	(toString()): Add @Override.
+	* gnu/java/security/util/ExpirableObject.java:
+	(destroy()): Add @Override.
+	(Destroyer.run()): Likewise.
+	* gnu/java/security/util/FormatUtil.java:
+	(getEncodingName(int)): Add default case for switch statement.
+	(getEncodingShortName(int)): Likewise.
+	* gnu/java/security/util/Sequence.java:
+	(size()): Add @Override.
+	(toArray()): Likewise. Remove unnecessary cast.
+	* gnu/java/security/util/SimpleList.java:
+	(size()): Add @Override.
+	(get(int)): Likewise.
+	(toString()): Likewise.
+	* gnu/java/security/util/Util.java:
+	(toBase64(byte[])): Add default case to switch statement which
+	does nothing. Remove unnecessary else clause.
+	* gnu/java/security/x509/PolicyNodeImpl.java:
+	(addExpectedPolicy(String)): Rename variable to expectedPolicy
+	to avoid shadowing policy variable.
+	(addAllPolicyQualifiers(Collection)): Rename variable to
+	policyQualifiers to avoid shadowing qualifiers variable.
+	Rewrite collection check to catch ClassCastException as,
+	if it.next() returns normally, it will always be an instance
+	of PolicyQualifierInfo.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/X500DistinguishedName.java:
+	(X500DistinguishedName(String)): Throw IOException rather
+	than catching it as calling methods in X509CRLSelector
+	implementations, addIssuerName(String), expect an
+	IOException to be thrown if there is a parsing error.
+	(getName()): Add @Override.
+	(hashCode()): Likewise.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	(getDer()): Remove unnecessary casts.
+	(readAttributeType(Reader)): Make static.
+	* gnu/java/security/x509/X509CRL.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(getEncoded()): Remove unnecessary cast.
+	(getIssuerX500Principal()): Add @Override.
+	(getTBSCertList()): Remove unnecessary cast.
+	(getSignature()): Likewise.
+	(getSigAlgParams()): Likewise.
+	(hasUnsupportedCriticalExtension()): Add @Override.
+	(getCriticialExtensionOIDs()): Likewise.
+	(getNonCriticalExtensionOIDs()): Likewise.
+	(getExtensionValue(String)): Likewise.
+	(isRevoked(Certificate)): Likewise. Remove unnecessary
+	cast.
+	(parse(InputStream)): Remove unnecessary cast.
+	* gnu/java/security/x509/X509CRLEntry.java:
+	(getEncoded()): Remove unncessary cast.
+	(hasUnsupportedCriticalExtension()): Add @Override.
+	(getCriticialExtensionOIDs()): Likewise.
+	(getNonCriticalExtensionOIDs()): Likewise.
+	(getExtensionValue(String)): Likewise.
+	* gnu/java/security/x509/X509CRLSelectorImpl.java:
+	(addIssuerName(String)): Throw IOException as specified.
+	* gnu/java/security/x509/X509CertPath.java:
+	(getCertificates()): Add @Override.
+	(getEncoded()): Likewise. Remove unnecessary casts.
+	(getEncodings()): Add @Override.
+	(parse(InputStream, String)): Rename path to parsedPath
+	to avoid shadowing.
+	* gnu/java/security/x509/X509CertSelectorImpl.java:
+	(addIssuerName(String)): Throw IOException as specified.
+	* gnu/java/security/x509/X509Certificate.java:
+	Remove unneeded Serializable reference.
+	(checkValidity()): Add @Override.
+	(checkValidity(Date)): Likewise.
+	(getVersion()): Likewise.
+	(getSerialNumber()): Likewise.
+	(getIssuerDN()): Likewise.
+	(getIssuerX500Principal()): Likewise.
+	(getSubjectDN()): Likewise.
+	(getSubjectX500Principal()): Likewise.
+	(getNotBefore()): Likewise.
+	(getNotAfter()): Likewise.
+	(getTBSCertificate()): Likewise. Remove unnecessary cast.
+	(getSignature()): Likewise.
+	(getSigAlgName()): Add @Override.
+	(getSigAlgOID()): Likewise.
+	(getSigAlgParams()): Likewise. Remove unnecessary cast.
+	(getIssuerUniqueID()): Add @Override.
+	(getSubjectUniqueID()): Likewise.
+	(getKeyUsage()): Likewise.
+	(getExtendedKeyUsage()): Likewise.
+	(getBasicConstraints()): Likewise.
+	(getSubjectAlternativeNames()): Likewise. Make conversion
+	from int to Integer explicit.
+	(getIssuerAlternativeNames()): Likewise.
+	(hasUnsupportedCriticalExtension()): Add @Override.
+	(getCriticialExtensionOIDs()): Likewise.
+	(getNonCriticalExtensionOIDs()): Likewise.
+	(getExtensionValue(String)): Likewise.
+	(getEncoded()): Likewise. Remove unnecessary cast.
+	(verify(PublicKey)): Add @Override.
+	(verify(PublicKey, String)): Likewise.
+	(toString()): Likewise.
+	(getPublicKey()): Likewise.
+	(parse(InputStream)): Rename encoded to enc to avoid shadowing.
+	Avoid unnecessary cast.
+	* gnu/java/security/x509/ext/AuthorityKeyIdentifier.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/BasicConstraints.java:
+	(getEncoded()): Add @Override. Remove unncessary casts.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/CRLNumber.java:
+	(getEncoded()): Add @Override. Remove unncessary casts.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/CertificatePolicies.java:
+	(CertificatePolicies(List,Map)): Swap empty for-loop
+	for a while loop.
+	(getEncoded()): Add @Override. Remove unnecessary cast.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/ExtendedKeyUsage.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/Extension.java:
+	(Extension(byte[])): Remove unnecessary cast.
+	(getEncoded()): Likewise.
+	(toString()): Add @Override.
+	(Value.Value(byte[])): Remove unnecessary cast.
+	(Value.getEncoded()): Likewise.
+	(hashCode()): Add @Override.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	* gnu/java/security/x509/ext/GeneralName.java:
+	(Kind.forTag(int)): Add default case.
+	(Kind): Remove unnecessary ; on closing brace.
+	(GeneralName(Kind,byte[])): Remove unnecessary cast.
+	(name()): Likewise.
+	(encoded()): Check for null rather than catching exception.
+	Remove unnecessary cast.
+	(equals(Object)): Add @Override. Avoid unnecessary method call.
+	(hashCode()): Implemented using java.util.Objects.hash.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/GeneralNames.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/GeneralSubtree.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/IssuerAlternativeNames.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/KeyUsage.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/NameConstraints.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/PolicyConstraint.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/PolicyMappings.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/ReasonCode.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/SubjectAlternativeNames.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/SubjectKeyIdentifier.java:
+	(getKeyIdentifier()): Remove unnecessary cast.
+	(toString()): Add @Override.
+	* gnu/javax/security/auth/Password.java:
+	(doDestroy): Add @Override. Remove unneeded else block.
+	(isDestroyed): Add @Override.
+	* gnu/javax/security/auth/callback/AWTCallbackHandler.java:
+	(handleChoice(ChoiceCallback)): Add @Override.
+	(handleConfirmation(ConfirmationCallback)): Likewise.
+	(handleLanguage(LanguageCallback)): Likewise.
+	(handleName(NameCallback)): Likewise.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise.
+	(handleTextOutput(TextOutputCallback)): Likewise.
+	(actionPerformed(ActionEvent)): Likewise.
+	(windowClosing(WindowEvent)): Likewise.
+	(windowOpened(WindowEvent)): Likewise.
+	(windowClosed(WindowEvent)): Likewise.
+	(windowIconified(WindowEvent)): Likewise.
+	(windowDeiconified(WindowEvent)): Likewise.
+	(windowActivated(WindowEvent)): Likewise.
+	(windowDeactivated(WindowEvent)): Likewise.
+	* gnu/javax/security/auth/callback/AbstractCallbackHandler.java:
+	(AbstractCallbackHandler(String)): Reference getBundle by class
+	where it is implemented (ResourceBundle).
+	(handle(Callback[])): Add @Override.
+	(handleChoice(ChoiceCallback)): Allow and document an
+	UnsupportedCallbackException being thrown.
+	(handleConfirmation(ConfirmationCallback)): Likewise.
+	(handleLanguage(LanguageCallback)): Likewise.
+	(handleName(NameCallback)): Likewise.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise.
+	(handleTextOutput(TextOutputCallback)): Likewise.
+	(handleOther(Callback)): Suppress warnings resulting from
+	unused variables, unthrown exceptions and lack of IOException
+	being thrown. They are necessary for subclasses.
+	* gnu/javax/security/auth/callback/ConsoleCallbackHandler.java:
+	(handleChoice(ChoiceCallback)): Add @Override. Drop unnecessary
+	cast.
+	(handleConfirmation(ConfirmationCallback)): Add @Override.
+	(handleLanguage(LanguageCallback)): Likewise.
+	(handleName(NameCallback)): Likewise.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise.
+	(handleTextOutput(TextOutputCallback)): Likewise.
+	* gnu/javax/security/auth/callback/DefaultCallbackHandler.java:
+	(handleChoice(ChoiceCallback)): Add @Override.
+	(handleConfirmation(ConfirmationCallback)): Likewise.
+	(handleLanguage(LanguageCallback)): Likewise.
+	(handleName(NameCallback)): Likewise.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise.
+	(handleTextOutput(TextOutputCallback)): Likewise.
+	* gnu/javax/security/auth/callback/GnuCallbacks.java:
+	(GnuCallbacks()): Add @Override to run() implementation
+	in anonymous inner class.
+	* gnu/javax/security/auth/callback/SwingCallbackHandler.java:
+	(handleChoice(ChoiceCallback)): Add @Override to method
+	and methods of anonymous inner classes. Refer to
+	constants using interface where they appear.
+	(handleConfirmation(ConfirmationCallback)): Add @Override
+	to method and methods of anonymous inner class. Declare
+	UnsupportedCallbackException as thrown and add default
+	cases and fall-through markers to switch statements.
+	(handleLanguage(LanguageCallback)): Add @Override. Remove
+	unused variable defaultIndex.
+	(handleName(NameCallback)): Add @Override to method and
+	method of anonymous inner class.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise. Refer to
+	constants using interface where they appear.
+	(handleTextOutput(TextOutputCallback)): Likewise. Declare
+	UnsupportedCallbackException as thrown and add default
+	case to switch statement.
+	(waitForInput(JDialog, Callback)): Make static.
+	* gnu/javax/security/auth/login/ConfigFileParser.java:
+	(initParser(Reader)): Don't declare IOException as thrown
+	as one is never thrown.
+	(expandParamValue(String)): Make static.
+	* gnu/javax/security/auth/login/GnuConfiguration.java:
+	(getAppConfigurationEntry(String)): Add @Override.
+	(refresh()): Likewise.
+	(getInputStreamFromURL(String)): Make static.
+	(parseConfig(InputStream)): Remove unneeded variable.
+	(getUserName()): Make static.
+	(getConfigFromUserName(File,String)): Likewise.
+	* java/security/AccessControlContext.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	* java/security/AlgorithmParameters.java:
+	(toString()): Add @Override.
+	* java/security/AllPermission.java:
+	(AllPermission(String,String)): Suppress
+	warning about actions variable being unused.
+	(implies(Permission)): Add @Override.
+	(equals(Object)): Likewise.
+	(hashCode()): Likewise.
+	(getActions()): Likewise.
+	(newPermissionCollection()): Likewise.
+	(AllPermissionCollection()): Add public constructor
+	to avoid generating a synthetic accessor method.
+	* java/security/BasicPermission.java:
+	Remove unneeded Serializable reference.
+	(BasicPermission(String,String)): Suppress
+	warnings about actions variable being unused.
+	(getActions()): Add @Override.
+	(newPermissionCollection()): Likewise.
+	* java/security/Certificate.java:
+	Mark with @Deprecated. Fix typo in documentation.
+	* java/security/DigestInputStream.java:
+	(read()): Add @Override.
+	(read(byte[],int,int)): Likewise.
+	(toString()): Likewise.
+	* java/security/DigestOutputStream.java:
+	(write(int)): Add @Override.
+	(write(byte[],int,int)): Likewise.
+	(toString()): Likewise.
+	* java/security/DummyKeyPairGenerator.java:
+	(clone()): Add @Override.
+	(initialize(int,SecureRandom)): Likewise.
+	(initialize(AlgorithmParameterSpec,SecureRandom)):
+	Likewise.
+	(generateKeyPair()): Likewise.
+	* java/security/DummyMessageDigest.java:
+	(clone()): Add @Override.
+	(engineDigest()): Likewise.
+	(engineDigest(byte[],int,int)): Likewise.
+	(engineGetDigestLength()): Likewise.
+	(engineReset()): Likewise.
+	(engineUpdate(byte)): Likewise.
+	(engineUpdate(byte[],int,int)): Likewise.
+	* java/security/Identity.java:
+	Mark as @Deprecated. Fix typo in documentation.
+	(getName()): Add @Override.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	(toString(boolean)): Remove unnecessary else clause.
+	(hashCode()): Add @Override.
+	* java/security/IdentityScope.java:
+	Mark as @Deprecated.
+	(toString()): Add @Override.
+	* java/security/IntersectingDomainCombiner.java:
+	(combine(ProtectionDomain[],ProtectionDomain[])):
+	Add @Override.
+	* java/security/KeyPairGenerator.java:
+	(generateKeyPair()): Add @Override.
+	* java/security/KeyPairGeneratorSpi.java:
+	(initialize(AlgorithmParameterSpec,SecureRandom)):
+	Suppress warning about making this method static.
+	Intended to be overridden by subclasses.
+	(clone()): Add @Override.
+	* java/security/KeyStore.java:
+	(getInstance(String,Provider)): Fix typo in documentation.
+	(getDefaultType()): Add @Override to run() in anonymous
+	inner class.
+	* java/security/MessageDigest.java:
+	(toString()): Add @Override.
+	(clone()): Likewise.
+	* java/security/MessageDigestSpi.java:
+	(engineGetDigestLength()): Suppress warning about
+	making this method static. Intended to be overridden
+	by subclasses.
+	(clone()): Add @Override.
+	* java/security/Permission.java:
+	(checkGuard(Object)): Add @Override.
+	(equals(Object)): Likewise.
+	(hashCode()): Likewise.
+	(newPermissionCollection()): Likewise.
+	(toString()): Likewise.
+	* java/security/PermissionCollection.java:
+	(toString()): Add @Override.
+	* java/security/Permissions.java:
+	Remove unneeded Serializable reference.
+	(elements()): Add @Override to hasMoreElements
+	and nextElement methods in anonymous inner class.
+	(PermissionsHash.PermissionsHash()): Add explicit
+	constructor to avoid a synthetic accessor method.
+	(add(Permission)): Mark synchronized.
+	(implies(Permission)): Likewise.
+	* java/security/Policy.java:
+	(implies(ProtectionDomain,Permission)): Remove
+	unnecessary cast.
+	* java/security/Principal.java:
+	(equals(Object)): Add @Override.
+	(toString()): Likewise.
+	(hashCode()): Likewise.
+	* java/security/PrivilegedActionException.java:
+	(getCause()): Add @Override.
+	(toString()): Removed; pointless as it just calls
+	superclass version.
+	* java/security/ProtectionDomain.java:
+	(ProtectionDomain(CodeSource,PermissionCollection,
+	ClassLoader,Principal[],boolean)): Remove unnecessary
+	cast.
+	(getPrincipals()): Add @Override.
+	(toString()): Likewise.
+	* java/security/Provider.java:
+	Remove unneeded Serializable reference.
+	(put(Object,Object)): Add @Override. Suppress warnings
+	about overridding a synchronized method as all collection
+	modifications are made in synchronized superclass method.
+	(get(Object)): Likewise.
+	(remove(Object)): Likewise.
+	(clear()): Likewise.
+	(toString()): Add @Override. Suppress warning about
+	overridding a synchronized method as the collection isn't
+	used.
+	(toCanonicalKey(Object)): Make static.
+	* java/security/SecureClassLoader.java:
+	(getPermissions(CodeSource)): Suppress warning about
+	making this method static; may potentially be overridden
+	by subclasses. Avoid unnecessary variable policy.
+	* java/security/SecureRandom.java:
+	(setSeed(byte[])): Make synchronized to prevent
+	concurrent access to secureRandomSpi.
+	(setSeed(long)): Add @Override and make synchronized.
+	(nextBytes(byte[])): Likewise.
+	(next(int)): Likewise.
+	(generateSeed(byte[])): Make synchronized.
+	* java/security/Security.java:
+	(getAlgorithmProperty(String,String)): Add @Deprecated.
+	(getProvider(String)): Remove unnecessary else clause.
+	(getAlgorithm(String)): Use provs instead of providers
+	to avoid shadowing class variable.
+	(provides(Provider,String,String,String,String)): Set
+	serviceDotAlgorithm to the empty string to avoid null
+	pointer issues.
+	* java/security/SecurityPermission.java:
+	(SecurityPermission(String,String)): Suppress warning
+	due to nothing being done with actions.
+	* java/security/Signature.java:
+	(sign()): Remove unnecessary else clause.
+	(sign(byte[],int,int)): Likewise.
+	(verify(byte[])): Likewise.
+	(toString()): Mark @Override.
+	(setParameter(String,Object)): Add @Deprecated.
+	(getParameter(String)): Likewise.
+	(clone()): Add @Override.
+	* java/security/SignatureSpi.java:
+	(engineSetParameter(String,Object)): Add @Deprecated.
+	(engineSetParameter(AlgorithmParameterSpec)): Suppress
+	warnings about unused variables, unthrown exceptions and
+	ability to be a static method. Subclasses override this.
+	(engineGetParameters()): Suppress warnings about making
+	this method static.
+	(engineGetParameter(String)): Add @Deprecated.
+	* java/security/SignedObject.java:
+	(getSignature()): Remove unnecessary cast.
+	(readObject(ObjectInputStream)): Likewise x 2.
+	* java/security/Signer.java:
+	Mark as @Deprecated.
+	(toString()): Add @Override.
+	* java/security/UnresolvedPermission.java:
+	(getUnresolvedCerts()): Remove unnecessaary cast.
+	(UnresolvedPermissionCollection.elements()):
+	Add @Override to hasMoreElements and nextElement.
+	* java/security/acl/Acl.java:
+	(toString()): Add @Override.
+	* java/security/acl/AclEntry.java:
+	(setPrincipal(Principal)): Fix formatting of documentation.
+	(addPermission(Permission)): Likewise.
+	(removePermission(Permission)): Likewise.
+	(checkPermission(Permission)): Likewise.
+	(toString()): Add @Override.
+	* java/security/acl/Permission.java:
+	(equals(Object)): Add @Override.
+	(toString()): Likewise.
+	* java/security/cert/CRL.java:
+	(toString()): Add @Override.
+	* java/security/cert/CertPath.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(toString()): Likewise.
+	* java/security/cert/CertPathBuilderException.java:
+	(CertPathBuilderException(Throwable)): Just call
+	superclass constructor.
+	(CertPathBuilderException(String,Throwable)): Likewise.
+	(getMessage()): Removed; provided by superclass.
+	(getCause()): Likewise.
+	(toString()): Likewise.
+	(printStackTrace()): Likewise.
+	(printStackTrace(PrintStream)): Likewise.
+	(printStackTrace(PrintWriter)): Likewise.
+	* java/security/cert/CertPathValidatorException.java:
+	(CertPathValidatorException(String,Throwable)): Just call
+	superclass with both arguments, rather than initCause.
+	(getMessage()): Removed; provided by superclass.
+	(getCause()): Likewise.
+	(toString()): Likewise.
+	(printStackTrace()): Likewise.
+	(printStackTrace(PrintStream)): Likewise.
+	(printStackTrace(PrintWriter)): Likewise.
+	* java/security/cert/CertStoreException.java:
+	(CertStoreException(Throwable)): Just call superclass
+	constructor.
+	(CertStoreException(String,Throwable)): Likewise.
+	(getMessage()): Removed; provided by superclass.
+	(getCause()): Likewise.
+	(toString()): Likewise.
+	(printStackTrace()): Likewise.
+	(printStackTrace(PrintStream)): Likewise.
+	(printStackTrace(PrintWriter)): Likewise.
+	* java/security/cert/CertStoreSpi.java:
+	(CertStoreSpi(CertStoreParameters)): Suppress warnings
+	about exception not being thrown. Present for subclasses.
+	* java/security/cert/Certificate.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(toString()): Likewise.
+	* java/security/cert/CertificateFactorySpi.java:
+	(engineGenerateCertPath(InputStream)): Suppress warnings
+	about unused arguments, exceptions not being thrown and
+	method can be static. Provided for subclass implementations.
+	(engineGenerateCertPath(InputStream,String)): Likewise.
+	(engineGenerateCertPath(List)): Likewise.
+	(engineGetCertPathEncodings()): Likewise.
+	* java/security/cert/CollectionCertStoreParameters.java:
+	(toString()): Add @Override.
+	* java/security/cert/LDAPCertStoreParameters.java:
+	(clone()): Add @Override.
+	(toString()): Likewise.
+	* java/security/cert/PKIXBuilderParameters.java:
+	(toString()): Likewise.
+	* java/security/cert/PKIXCertPathBuilderResult.java:
+	(getCertPath()): Add @Override.
+	(toString()): Likewise.
+	* java/security/cert/PKIXCertPathChecker.java:
+	(clone()): Add @Override.
+	* java/security/cert/PKIXCertPathValidatorResult.java:
+	(clone()): Add @Override.
+	(toString()): Likewise.
+	* java/security/cert/PKIXParameters.java:
+	(clone()): Add @Overrride.
+	(toString()): Likewise.
+	* java/security/cert/PolicyQualifierInfo.java:
+	(PolicyQualifierInfo(byte[])): Remove unnecessary cast.
+	(getEncoded()): Likewise.
+	(toString()): Add @Override.
+	* java/security/cert/TrustAnchor.java:
+	(TrustAnchor(X509Certificate,byte[])): Remove unnecessary cast.
+	(TrustAnchor(String,PublicKey,byte[])): Document exceptions.
+	Catch IOException and throw as IllegalArgumentException.
+	Remove unnecessary casts.
+	(toString()): Add @Override.
+	* java/security/cert/X509CRL.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(getIssuerX500Principal()): Suppress warning about making this
+	static. Should be overridden by subclasses.
+	* java/security/cert/X509CRLEntry.java:
+	(equals(Object):: Add @Override.
+	(hashCode()): Likewise.
+	(toString()): Likewise.
+	* java/security/cert/X509CRLSelector.java:
+	Remove unneeded Cloneable reference.
+	(getIssuerNames()): Remove unneeded else block.
+	(toString()): Add @Override.
+	(match(CRL)): Likewise.
+	(clone()): LIkewise.
+	* java/security/cert/X509CertSelector.java:
+	Remove unneeded Cloneable reference.
+	(makeName(int,String)): Re-use earlier result of Kind.forTag(id).
+	Add default case.
+	(clone()): Add @Override.
+	(getAuthorityKeyIdentifier()): Remove unneeded else block
+	and cast.
+	(getCertificateValid()): Remove unneeded else block.
+	(getExtendedKeyUsage()): Likewise.
+	(getIssuerAsBytes()): Likewise.
+	(getIssuerAsString()): Likewise.
+	(getKeyUsage()): Likewise and remove unneeded cast.
+	(getNameConstraints()): Likewise.
+	(getPathToNames()): Explicitly convert int to Integer.
+	(getPrivateKeyValid()): Suppress static method warning.
+	Method is deliberately useless.
+	(getSubjectAlternativeNames()): Explicitly convert int to
+	Integer.
+	(getSubjectAsBytes()): Remove unneeded else block.
+	(getSubjectAsString()): Likewise.
+	(getSubjectKeyIdentifier()): Likewise and remove unneeded
+	cast.
+	(match(Certificate)): Add @Override. Rename cert to other
+	to avoid shadowing.
+	(setNameConstraints(byte[])): Remove unnecessary cast.
+	Suppress warnings about NameConstraints instance being unused.
+	(setPrivateKeyValid()): Suppress unused variable warning.
+	Method is deliberately useless.
+	(setSubjectPublicKey(PublicKey)): Remove unneeded cast.
+	(toString()): Add @Override.
+	* java/security/cert/X509Certificate.java:
+	(getExtendedKeyUsage()): Suppress unthrown exception warning
+	and static method suggestion. Overridden by subclasses.
+	(getSubjectAlternativeNames()): Likewise.
+	(getIssuerAlternativeNames()): Likewise.
+	(getSubjectX500Principal()): Suppress static method suggestion.
+	Overridden by subclasses.
+	(getIssuerX500Principal()): Likewise.
+	* java/security/spec/DSAParameterSpec.java:
+	(getP()): Add @Override.
+	(getQ()): Likewise.
+	(getG()): Likewise.
+	* java/security/spec/PKCS8EncodedKeySpec.java:
+	(getEncoded()): Add @Override.
+	(getFormat()): Likewise.
+	* java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java:
+	(RSAMultiPrimePrivateCrtKeySpec(BigInteger,BigInteger,BigInteger,
+	BigInteger,BigInteger,BigInteger,BigInteger,BigInteger,
+	RSAOtherPrimeInfo[])): Remove unneeded else block.
+	* java/security/spec/X509EncodedKeySpec.java:
+	(getEncoded()): Add @Override.
+	(getFormat()): Likewise.
+	* javax/security/auth/Policy.java:
+	Add @Deprecated.
+	* javax/security/auth/PrivateCredentialPermission.java:
+	Remove unneeded Serializable reference.
+	(equals(Object)): Add @Override. Rename principals to
+	thisPrincipals to avoid shadowing.
+	(getActions()): Add @Override.
+	(hashCode()): Likewise.
+	(implies(Permission)): Likewise. Rename principals to
+	thisPrincipals to avoid shadowing.
+	(newPermissionCollection()): Add @Override to method
+	and anonymous inner class implementations of equals(Object) &
+	hashCode().
+	* javax/security/auth/SubjectDomainCombiner.java:
+	(combine(ProtectionDomain[],ProtectionDomain[])): Add @Override.
+	* javax/security/auth/callback/ConfirmationCallback.java:
+	(setOptions(String[],int)): Move reference to options.length to
+	after options null check.
+	* javax/security/auth/kerberos/KerberosKey.java:
+	Remove unneeded Serializable reference.
+	(getAlgorithm()): Add @Override.
+	(getFormat()): Likewise.
+	(getEncoded()): Likewise and remove unnecessary cast.
+	(destroy()): Add @Override.
+	(isDestroyed()): Likewise.
+	(toString()): Likewise.
+	* javax/security/auth/kerberos/KerberosPrincipal.java:
+	(getName()): Add @Override.
+	(hashCode()): Likewise.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	* javax/security/auth/kerberos/KerberosTicket.java:
+	(asn1Encoding): Remove @SuppressWarnings.
+	(KerberosTicket(byte[],KerberosPrincipal,KerberosPrincipal,
+	byte[],int,boolean[],Date,Date,Date,Date,InetAddress[])):
+	Remove unnecessary cast. Remove duplicate assignment to flags.
+	(destroy()): Add @Override.
+	(isDestroyed()): Likewise.
+	(isCurrent()): Likewise.
+	(refresh()): Likewise.
+	(getFlags()): Remove unnecessary cast.
+	(getEncoded()): Likewise.
+	(toString()): Add @Override.
+	* javax/security/auth/kerberos/KeyImpl.java:
+	Remove unneeded Serializable reference.
+	(KeyImpl(byte[],int)): Remove unnecessary cast.
+	(getAlgorithm()): Add @Override.
+	(getEncoded()): Likewise.
+	(getFormat()): Likewise.
+	(toString()): Likewise.
+	* javax/security/auth/login/AppConfigurationEntry.java:
+	(toString()): Add @Override.
+	(LoginModuleControlFlag.toString()): Likewise.
+	* javax/security/auth/login/Configuration.java:
+	(getConfig()): Use GetSecurityPropertyAction rather than
+	a bespoke PrivilegedAction implementation.
+	* javax/security/auth/login/LoginContext.java:
+	(LoginContext(String,Subject,CallbackHandler,Configuration)):
+	Rename entries to appEntries to avoid shadowing.
+	(lookupModule(AppConfigurationEntry,Subject,Map)): Rename
+	subject to subj to avoid shadowing. Check module is null
+	rather than cause is non-null.
+	* javax/security/auth/login/NullConfiguration.java:
+	(getAppConfigurationEntry(String)): Add @Override.
+	(refresh()): Likewise.
+	* javax/security/auth/x500/X500Principal.java:
+	(hashCode()): Add @Override.
+	(equals(Object)): Likewise.
+	(getEncoded()): Remove unnecessary cast.
+	(getName()): Add @Override.
+	(toString()): Likewise.
+	(readAttributeType(Reader)): Make static.
+	(parseDer(InputStream)): Rename encoded to encodedStream to
+	avoid shadowing.
+	* javax/security/auth/x500/X500PrivateCredential.java:
+	(destroy()): Add @Override.
+	(isDestroyed()): Likewise.
+	* javax/security/cert/Certificate.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(toString()): Likewise.
+	* javax/security/cert/X509CertBridge.java:
+	(getEncoded()): Add @Override.
+	(verify(PublicKey)): Likewise.
+	(verify(PublicKey,String)): Likewise.
+	(toString()): Likewise.
+	(getPublicKey()): Likewise.
+	(checkValidity()): Likewise.
+	(checkValidity(Date)): Likewise.
+	(getVersion()): Likewise.
+	(getSerialNumber()): Likewise.
+	(getIssuerDN()): Likewise.
+	(getSubjectDN()): Likewise.
+	(getNotBefore()): Likewise.
+	(getNotAfter()): Likewise.
+	(getSigAlgName()): Likewise.
+	(getSigAlgOID()): Likewise.
+	(getSigAlgParams()): Likewise.
+	* javax/security/sasl/Sasl.java:
+	(createSaslClient(String[],String,String,String,Map,CallbackHandler)):
+	Remove unnecessary else clause and pointless result assignment.
+	(createSaslServer(String,String,String,Map,CallbackHandler)): Likewise.
+	* javax/security/sasl/SaslException.java:
+	Remove unneeded Serializable reference.
+	(SaslException(String,Throwable)): Add cause to superclass call.
+	(getCause()): Add @Override.
+	(printStackTrace()): Removed; provided by superclass.
+	(printStackTrace(PrintStream)): Likewise.
+	(printStackTrace(PrintWriter)): Likewise.
+	(initCause(Throwable)): Call superclass version, then sync the
+	local copy.
+	(toString()): Add @Override.
+
 2015-02-02  Andrew John Hughes  <gnu_andrew@member.fsf.org>
 
 	PR classpath/64902
diff --git a/configure.ac b/configure.ac
index 2a4177893..547ca1dcc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -872,7 +872,7 @@ AC_ARG_ENABLE([warnings],
 AC_MSG_RESULT(${WARNINGS})
 if test "x$WARNINGS" = "xtrue"; then
   JAVAC_WARNINGS="-Xlint:unchecked,cast,divzero,empty,finally,overrides"
-  ECJ_WARNINGS="-warn:+all -warn:-deprecation,emptyBlock,nls,resource,serial,unavoidableGenericProblems,unqualifiedField,unusedPrivate"
+  ECJ_WARNINGS="-warn:+all -warn:-deprecation,emptyBlock,nls,resource,serial,unavoidableGenericProblems,unqualifiedField,unusedPrivate,paramAssign,super,boxing"
   AC_SUBST(JAVAC_WARNINGS)
   AC_SUBST(ECJ_WARNINGS)
 else
diff --git a/gnu/java/security/OID.java b/gnu/java/security/OID.java
index c6b977e00..2a5355490 100644
--- a/gnu/java/security/OID.java
+++ b/gnu/java/security/OID.java
@@ -1,5 +1,5 @@
 /* OID.java -- numeric representation of an object identifier
-   Copyright (C) 2003, 2004, 2005, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2005, 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -125,7 +125,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
   {
     if (components == null || components.length == 0)
       throw new IllegalArgumentException();
-    this.components = (int[]) components.clone();
+    this.components = components.clone();
     this.relative = relative;
   }
 
@@ -221,7 +221,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    */
   public OID(byte[] encoded, boolean relative) throws IOException
   {
-    der = (byte[]) encoded.clone();
+    der = encoded.clone();
     this.relative = relative;
     try
       {
@@ -245,7 +245,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    */
   public int[] getIDs()
   {
-    return (int[]) components.clone();
+    return components.clone();
   }
 
   /**
@@ -269,7 +269,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
           encodeSubID(bout, components[i]);
         der = bout.toByteArray();
       }
-    return (byte[]) der.clone();
+    return der.clone();
   }
 
   /**
@@ -321,6 +321,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *
    * @return The copy.
    */
+  @Override
   public Object clone()
   {
     try
@@ -355,21 +356,19 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *
    * @return The string representation.
    */
+  @Override
   public String toString()
   {
     if (strRep != null)
       return strRep;
-    else
+    CPStringBuilder buf = new CPStringBuilder();
+    for (int i = 0; i < components.length; i++)
       {
-        CPStringBuilder buf = new CPStringBuilder();
-        for (int i = 0; i < components.length; i++)
-          {
-            buf.append((long) components[i] & 0xFFFFFFFFL);
-            if (i < components.length - 1)
-              buf.append('.');
-          }
-        return (strRep = buf.toString());
+	buf.append(components[i] & 0xFFFFFFFFL);
+	if (i < components.length - 1)
+	  buf.append('.');
       }
+    return (strRep = buf.toString());
   }
 
   /**
@@ -377,6 +376,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *
    * @return The hash code.
    */
+  @Override
   public int hashCode()
   {
     int ret = 0;
@@ -390,6 +390,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *
    * @return Whether or not this OID equals the other.
    */
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof OID))
@@ -410,6 +411,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *         argument.
    * @throws ClassCastException If <i>o</i> is not an OID.
    */
+  @Override
   public int compareTo(OID o)
   {
     if (equals(o))
diff --git a/gnu/java/security/PolicyFile.java b/gnu/java/security/PolicyFile.java
index 96957b0ed..ff066c29d 100644
--- a/gnu/java/security/PolicyFile.java
+++ b/gnu/java/security/PolicyFile.java
@@ -1,5 +1,5 @@
 /* PolicyFile.java -- policy file reader
-   Copyright (C) 2004, 2005, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -176,6 +176,7 @@ public final class PolicyFile extends Policy
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public PermissionCollection getPermissions(CodeSource codeSource)
   {
     Permissions perms = new Permissions();
@@ -201,6 +202,7 @@ public final class PolicyFile extends Policy
     return perms;
   }
 
+  @Override
   public void refresh()
   {
     cs2pc.clear();
@@ -213,6 +215,7 @@ public final class PolicyFile extends Policy
         AccessController.doPrivileged(
           new PrivilegedExceptionAction<Void>()
           {
+	    @Override
             public Void run() throws Exception
             {
               String allow = Security.getProperty ("policy.allowSystemProperty");
@@ -270,6 +273,7 @@ public final class PolicyFile extends Policy
       }
   }
 
+  @Override
   public String toString()
   {
     return super.toString() + " [ " + cs2pc.toString() + " ]";
@@ -290,6 +294,7 @@ public final class PolicyFile extends Policy
    * @throws IOException if an I/O error occurs, or if the policy file
    * cannot be parsed.
    */
+  @SuppressWarnings("null") // Exception is thrown if p == null
   private void parse(final URL url) throws IOException
   {
     logger.log (Component.POLICY, "reading policy file from {0}", url);
@@ -343,6 +348,7 @@ public final class PolicyFile extends Policy
             if (tok != ';')
               in.pushBack();
             continue;
+	  default: // do nothing
           }
         if (tok != StreamTokenizer.TT_WORD)
           {
@@ -376,7 +382,7 @@ public final class PolicyFile extends Policy
               }
             catch (Exception x)
               {
-                error(url, in, x.toString());
+                error(url, in, x);
               }
           }
         else if (in.sval.equalsIgnoreCase("grant"))
@@ -408,7 +414,7 @@ public final class PolicyFile extends Policy
                       }
                     catch (KeyStoreException kse)
                       {
-                        error(url, in, kse.toString());
+                        error(url, in, kse);
                       }
                   }
               }
@@ -436,7 +442,7 @@ public final class PolicyFile extends Policy
               }
             catch (MalformedURLException mue)
               {
-                error(url, in, mue.toString());
+                error(url, in, mue);
               }
             tok = in.nextToken();
             if (tok != ',')
@@ -463,8 +469,9 @@ public final class PolicyFile extends Policy
                   }
                 catch (Exception x)
                   {
-                    error(url, in, x.toString());
+                    error(url, in, x);
                   }
+		if (p == null) error(url, in, "Principal object not created");
                 for (Iterator<KeyStore> it = keystores.iterator(); it.hasNext(); )
                   {
                     KeyStore ks = it.next();
@@ -479,14 +486,14 @@ public final class PolicyFile extends Policy
                                 if (!(cert instanceof X509Certificate))
                                   continue;
                                 if (p.equals(((X509Certificate) cert).getSubjectDN()) ||
-                                    p.equals(((X509Certificate) cert).getSubjectX500Principal()))
+				    p.equals(((X509Certificate) cert).getSubjectX500Principal()))
                                   currentCerts.add(cert);
                               }
                           }
                       }
                     catch (KeyStoreException kse)
                       {
-                        error(url, in, kse.toString());
+                        error(url, in, kse);
                       }
                   }
               }
@@ -503,7 +510,7 @@ public final class PolicyFile extends Policy
                       }
                     catch (KeyStoreException kse)
                       {
-                        error(url, in, kse.toString());
+                        error(url, in, kse);
                       }
                   }
               }
@@ -535,7 +542,7 @@ public final class PolicyFile extends Policy
                 if (clazz == null)
                   {
                     currentPerms.add(new UnresolvedPermission(className,
-                      null, null, (Certificate[]) currentCerts.toArray(new Certificate[currentCerts.size()])));
+                      null, null, currentCerts.toArray(new Certificate[currentCerts.size()])));
                     continue;
                   }
                 try
@@ -544,7 +551,7 @@ public final class PolicyFile extends Policy
                   }
                 catch (Exception x)
                   {
-                    error(url, in, x.toString());
+                    error(url, in, x);
                   }
                 continue;
               }
@@ -557,7 +564,7 @@ public final class PolicyFile extends Policy
                 if (clazz == null)
                   {
                     currentPerms.add(new UnresolvedPermission(className,
-                      target, null, (Certificate[]) currentCerts.toArray(new Certificate[currentCerts.size()])));
+                      target, null, currentCerts.toArray(new Certificate[currentCerts.size()])));
                     continue;
                   }
                 try
@@ -569,7 +576,7 @@ public final class PolicyFile extends Policy
                   }
                 catch (Exception x)
                   {
-                    error(url, in, x.toString());
+                    error(url, in, x);
                   }
                 continue;
               }
@@ -589,7 +596,7 @@ public final class PolicyFile extends Policy
                   }
                 catch (Exception x)
                   {
-                    error(url, in, x.toString());
+                    error(url, in, x);
                   }
                 in.pushBack();
                 continue;
@@ -603,20 +610,17 @@ public final class PolicyFile extends Policy
 		  target, action, (currentCerts.toArray(new Certificate[currentCerts.size()]))));
                 continue;
               }
-            else
-              {
-                try
-                  {
-                    Constructor<?> c = clazz.getConstructor(
-                      new Class[] { String.class, String.class });
-                    currentPerms.add((Permission) c.newInstance(
-                      new Object[] { target, action }));
-                  }
-                catch (Exception x)
-                  {
-                    error(url, in, x.toString());
-                  }
-              }
+	    try
+	      {
+		Constructor<?> c = clazz.getConstructor(
+                    new Class[] { String.class, String.class });
+		currentPerms.add((Permission) c.newInstance(
+                    new Object[] { target, action }));
+	      }
+	    catch (Exception x)
+	      {
+		error(url, in, x);
+	      }
             tok = in.nextToken();
             if (tok != ';' && tok != ',')
               error(url, in, "expecting ';' or ','");
@@ -631,7 +635,7 @@ public final class PolicyFile extends Policy
   private static String expand(final String s)
   {
     final CPStringBuilder result = new CPStringBuilder();
-    final CPStringBuilder prop = new CPStringBuilder();
+    final CPStringBuilder propBuf = new CPStringBuilder();
     int state = 0;
     for (int i = 0; i < s.length(); i++)
       {
@@ -655,32 +659,41 @@ public final class PolicyFile extends Policy
           case 2:
             if (s.charAt(i) == '}')
               {
-                String p = prop.toString();
+                String p = propBuf.toString();
                 if (p.equals("/"))
                   p = "file.separator";
                 p = System.getProperty(p);
                 if (p == null)
                   p = "";
                 result.append(p);
-                prop.setLength(0);
+                propBuf.setLength(0);
                 state = 0;
               }
             else
-              prop.append(s.charAt(i));
+              propBuf.append(s.charAt(i));
             break;
+	  default:
+	    // State is never set to anything else
           }
       }
     if (state != 0)
-      result.append('$').append('{').append(prop);
+      result.append('$').append('{').append(propBuf);
     return result.toString();
   }
 
   /**
    * I miss macros.
    */
+  private static void error(URL base, StreamTokenizer in, Throwable cause)
+    throws IOException
+  {
+    throw new IOException(base+":"+in.lineno()+": "+cause.toString(), cause);
+  }
+
   private static void error(URL base, StreamTokenizer in, String msg)
     throws IOException
   {
     throw new IOException(base+":"+in.lineno()+": "+msg);
   }
+
 }
diff --git a/gnu/java/security/Properties.java b/gnu/java/security/Properties.java
index 7a664fc74..2ecb87a06 100644
--- a/gnu/java/security/Properties.java
+++ b/gnu/java/security/Properties.java
@@ -1,5 +1,5 @@
 /* Properties.java -- run-time configuration properties.
-   Copyright (C) 2003, 2004, 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -312,14 +312,14 @@ public final class Properties
     handleBooleanProperty(CHECK_WEAK_KEYS);
     handleBooleanProperty(DO_RSA_BLINDING);
     // re-sync the 'known' properties
-    reproducible = Boolean.valueOf((String) props.get(REPRODUCIBLE_PRNG)).booleanValue();
-    checkForWeakKeys = Boolean.valueOf((String) props.get(CHECK_WEAK_KEYS)).booleanValue();
-    doRSABlinding = Boolean.valueOf((String) props.get(DO_RSA_BLINDING)).booleanValue();
+    reproducible = Boolean.valueOf(props.get(REPRODUCIBLE_PRNG)).booleanValue();
+    checkForWeakKeys = Boolean.valueOf(props.get(CHECK_WEAK_KEYS)).booleanValue();
+    doRSABlinding = Boolean.valueOf(props.get(DO_RSA_BLINDING)).booleanValue();
     // This does not change.
     props.put(VERSION, Registry.VERSION_STRING);
   }
 
-  private void handleBooleanProperty(final String name)
+  private static void handleBooleanProperty(final String name)
   {
     String s = null;
     try
diff --git a/gnu/java/security/action/GetPropertyAction.java b/gnu/java/security/action/GetPropertyAction.java
index 7295d8d5a..248bb32ec 100644
--- a/gnu/java/security/action/GetPropertyAction.java
+++ b/gnu/java/security/action/GetPropertyAction.java
@@ -1,5 +1,5 @@
 /* GetPropertyAction.java
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -68,6 +68,7 @@ public class GetPropertyAction implements PrivilegedAction<String>
     setParameters(propName, defaultValue);
   }
 
+  @Override
   public String run()
   {
     return System.getProperty(name, value);
diff --git a/gnu/java/security/action/GetSecurityPropertyAction.java b/gnu/java/security/action/GetSecurityPropertyAction.java
index ac928ca33..46484e9f8 100644
--- a/gnu/java/security/action/GetSecurityPropertyAction.java
+++ b/gnu/java/security/action/GetSecurityPropertyAction.java
@@ -1,5 +1,5 @@
 /* GetSecurityPropertyAction.java
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -83,6 +83,7 @@ public class GetSecurityPropertyAction implements PrivilegedAction<String>
     return this;
   }
 
+  @Override
   public String run()
   {
     String val = Security.getProperty(name);
diff --git a/gnu/java/security/ber/BERReader.java b/gnu/java/security/ber/BERReader.java
index 53a3f3ee9..bb653600d 100644
--- a/gnu/java/security/ber/BERReader.java
+++ b/gnu/java/security/ber/BERReader.java
@@ -1,5 +1,5 @@
 /* BERReader.java -- basic encoding rules (BER) reader.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,6 +73,7 @@ public class BERReader extends DERReader implements BER
     super(in);
   }
 
+  @Override
   public DERValue read() throws IOException
   {
     in.mark(2);
@@ -86,11 +87,8 @@ public class BERReader extends DERReader implements BER
           return END_OF_SEQUENCE;
         return new BERValue(tag, CONSTRUCTED_VALUE, new byte[] { (byte) tag, 0 });
       }
-    else
-      {
-        in.reset();
-        return super.read();
-      }
+    in.reset();
+    return super.read();
   }
 
   public int peek() throws IOException
diff --git a/gnu/java/security/ber/BERValue.java b/gnu/java/security/ber/BERValue.java
index aeaef39bf..b9acd222d 100644
--- a/gnu/java/security/ber/BERValue.java
+++ b/gnu/java/security/ber/BERValue.java
@@ -1,5 +1,5 @@
 /* BERReader.java -- basic encoding rules (BER) value.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,6 +73,7 @@ public class BERValue extends DERValue
     return indefinite;
   }
 
+  @Override
   public int getLength()
   {
     if (indefinite)
diff --git a/gnu/java/security/der/BitString.java b/gnu/java/security/der/BitString.java
index c7032ccfc..f44480385 100644
--- a/gnu/java/security/der/BitString.java
+++ b/gnu/java/security/der/BitString.java
@@ -1,5 +1,5 @@
 /* BitString.java -- Java representation of the BIT STRING type.
-   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -197,10 +197,10 @@ public class BitString implements Cloneable, Comparable<BitString>
   public byte[] toByteArray()
   {
     if (ignoredBits == 0)
-      return (byte[]) bytes.clone();
+      return bytes.clone();
     if (externBytes == null)
       externBytes = new BigInteger(bytes).shiftRight(ignoredBits).toByteArray();
-    return (byte[]) externBytes.clone();
+    return externBytes.clone();
   }
 
   /**
@@ -212,7 +212,7 @@ public class BitString implements Cloneable, Comparable<BitString>
    */
   public byte[] getShiftedByteArray()
   {
-    return (byte[]) bytes.clone();
+    return bytes.clone();
   }
 
   /**
@@ -258,9 +258,10 @@ public class BitString implements Cloneable, Comparable<BitString>
               }
           }
       }
-    return (boolean[]) boolVal.clone();
+    return boolVal.clone();
   }
 
+  @Override
   public Object clone()
   {
     try
@@ -288,6 +289,7 @@ public class BitString implements Cloneable, Comparable<BitString>
     return 0; // not reached.
   }
 
+  @Override
   public int hashCode()
   {
     int result = 0;
@@ -301,6 +303,7 @@ public class BitString implements Cloneable, Comparable<BitString>
     return result;
   }
 
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof BitString))
@@ -314,6 +317,7 @@ public class BitString implements Cloneable, Comparable<BitString>
     return false;
   }
 
+  @Override
   public String toString()
   {
     CPStringBuilder sb = new CPStringBuilder();
diff --git a/gnu/java/security/der/DERReader.java b/gnu/java/security/der/DERReader.java
index cd552c8be..b061a27e2 100644
--- a/gnu/java/security/der/DERReader.java
+++ b/gnu/java/security/der/DERReader.java
@@ -1,5 +1,5 @@
 /* DERReader.java -- parses ASN.1 DER sequences
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -346,7 +346,7 @@ public class DERReader implements DER
     return str.toString();
   }
 
-  private Date makeTime(int tag, byte[] value) throws IOException
+  private static Date makeTime(int tag, byte[] value) throws IOException
   {
     Calendar calendar = Calendar.getInstance();
     String str = makeString(PRINTABLE_STRING, value);
@@ -415,18 +415,23 @@ public class DERReader implements DER
               Integer.parseInt(date.substring(8, 10)), 0); // hour, min
             switch (date.length())
               {
-                case 19:
+	        case 19:
                 case 18:
                 case 17:
                 case 16:
                   calendar.set(Calendar.MILLISECOND,
                     Integer.parseInt(date.substring(15)));
+		  //$FALL-THROUGH$
                 case 14:
                   calendar.set(Calendar.SECOND,
                     Integer.parseInt(date.substring(12, 14)));
+		  //$FALL-THROUGH$
                 case 12:
                   calendar.set(Calendar.MINUTE,
                     Integer.parseInt(date.substring(10, 12)));
+		  break;
+	        default: // length of 15, 13 or 11
+		  throw new DEREncodingException("cannot parse date"); 
               }
           }
         catch (NumberFormatException nfe)
diff --git a/gnu/java/security/der/DERValue.java b/gnu/java/security/der/DERValue.java
index 2cbe34573..1cc6d4e39 100644
--- a/gnu/java/security/der/DERValue.java
+++ b/gnu/java/security/der/DERValue.java
@@ -1,5 +1,5 @@
 /* DERValue.java -- a value read or written to a DER encoding.
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -67,7 +67,7 @@ public class DERValue implements DER
     this.length = length;
     this.value = value;
     if (encoded != null)
-      this.encoded = (byte[]) encoded.clone();
+      this.encoded = encoded.clone();
   }
 
   public DERValue(int tag, Object value)
@@ -125,9 +125,9 @@ public class DERValue implements DER
 
   public Object getValueAs (final int derType) throws IOException
   {
-    byte[] encoded = getEncoded ();
-    encoded[0] = (byte) derType;
-    return DERReader.read (encoded).getValue ();
+    byte[] enc = getEncoded();
+    enc[0] = (byte) derType;
+    return DERReader.read(enc).getValue();
   }
 
   public byte[] getEncoded()
@@ -147,7 +147,7 @@ public class DERValue implements DER
             throw iae;
           }
       }
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
   public int getEncodedLength()
@@ -170,6 +170,7 @@ public class DERValue implements DER
     return encoded.length;
   }
 
+  @Override
   public String toString()
   {
     String start = "DERValue ( [";
diff --git a/gnu/java/security/hash/BaseHash.java b/gnu/java/security/hash/BaseHash.java
index bab930f28..ab41b7175 100644
--- a/gnu/java/security/hash/BaseHash.java
+++ b/gnu/java/security/hash/BaseHash.java
@@ -1,5 +1,5 @@
 /* BaseHash.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -78,21 +78,25 @@ public abstract class BaseHash
     resetContext();
   }
 
+  @Override
   public String name()
   {
     return name;
   }
-
+  
+  @Override
   public int hashSize()
   {
     return hashSize;
   }
 
+  @Override
   public int blockSize()
   {
     return blockSize;
   }
 
+  @Override
   public void update(byte b)
   {
     // compute number of bytes still unhashed; ie. present in buffer
@@ -103,11 +107,13 @@ public abstract class BaseHash
       transform(buffer, 0);
   }
 
+  @Override
   public void update(byte[] b)
   {
     update(b, 0, b.length);
   }
 
+  @Override
   public void update(byte[] b, int offset, int len)
   {
     int n = (int) (count % blockSize);
@@ -128,7 +134,8 @@ public abstract class BaseHash
     if (i < len)
       System.arraycopy(b, offset + i, buffer, n, len - i);
   }
-
+  
+  @Override
   public byte[] digest()
   {
     byte[] tail = padBuffer(); // pad remaining bytes in buffer
@@ -140,6 +147,7 @@ public abstract class BaseHash
     return result;
   }
 
+  @Override
   public void reset()
   { // reset this instance for future re-use
     count = 0L;
@@ -149,8 +157,10 @@ public abstract class BaseHash
     resetContext();
   }
 
+  @Override
   public abstract Object clone();
 
+  @Override
   public abstract boolean selfTest();
 
   /**
diff --git a/gnu/java/security/hash/Haval.java b/gnu/java/security/hash/Haval.java
index 15c303934..0d6635da1 100644
--- a/gnu/java/security/hash/Haval.java
+++ b/gnu/java/security/hash/Haval.java
@@ -1,5 +1,5 @@
 /* Haval.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -176,14 +176,16 @@ public class Haval
     this.h6 = md.h6;
     this.h7 = md.h7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new Haval(this);
   }
 
+  @Override
   protected synchronized void transform(byte[] in, int i)
   {
     int X0 = (in[i++] & 0xFF)
@@ -511,6 +513,7 @@ public class Haval
     h0 += t0;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     // pad out to 118 mod 128. other 10 bytes have special use.
@@ -540,6 +543,7 @@ public class Haval
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     tailorDigestBits(); // tailor context for the designated output size
@@ -592,6 +596,7 @@ public class Haval
     return result;
   }
 
+  @Override
   protected void resetContext()
   {
     h0 = 0x243F6A88;
@@ -604,6 +609,7 @@ public class Haval
     h7 = 0xEC4E6C89;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
@@ -676,6 +682,9 @@ public class Haval
         h4 += ((h7 >>>  9) & 0x0F);
         h5 += ((h7 >>>  4) & 0x1F);
         h6 +=  (h7         & 0x0F);
+	break;
+      default:
+	// do nothing
       }
   }
 
@@ -772,35 +781,35 @@ public class Haval
     return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c;
   }
 
-  private int FF5(int x7, int x6, int x5, int x4, int x3, int x2, int x1,
-                  int x0, int w, int c)
+  private static int FF5(int x7, int x6, int x5, int x4, int x3, int x2, int x1,
+			 int x0, int w, int c)
   {
     int t = f5(x2, x5, x0, x6, x4, x3, x1);
     return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c;
   }
 
-  private int f1(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f1(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x1 & (x0 ^ x4) ^ x2 & x5 ^ x3 & x6 ^ x0;
   }
 
-  private int f2(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f2(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x2 & (x1 & ~x3 ^ x4 & x5 ^ x6 ^ x0) ^ x4 & (x1 ^ x5) ^ x3 & x5 ^ x0;
   }
 
-  private int f3(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f3(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x3 & (x1 & x2 ^ x6 ^ x0) ^ x1 & x4 ^ x2 & x5 ^ x0;
   }
 
-  private int f4(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f4(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x4 & (x5 & ~x2 ^ x3 & ~x6 ^ x1 ^ x6 ^ x0) ^ x3
            & (x1 & x2 ^ x5 ^ x6) ^ x2 & x6 ^ x0;
   }
 
-  private int f5(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f5(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x0 & (x1 & x2 & x3 ^ ~x5) ^ x1 & x4 ^ x2 & x5 ^ x3 & x6;
   }
diff --git a/gnu/java/security/hash/MD2.java b/gnu/java/security/hash/MD2.java
index d78af93fa..7f84dd542 100644
--- a/gnu/java/security/hash/MD2.java
+++ b/gnu/java/security/hash/MD2.java
@@ -1,5 +1,5 @@
 /* MD2.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -132,17 +132,19 @@ public class MD2
 
     // superclass field
     this.count = md2.count;
-    this.buffer = (byte[]) md2.buffer.clone();
+    this.buffer = md2.buffer.clone();
     // private field
-    this.checksum = (byte[]) md2.checksum.clone();
-    this.work = (byte[]) md2.work.clone();
+    this.checksum = md2.checksum.clone();
+    this.work = md2.work.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new MD2(this);
   }
 
+  @Override
   protected byte[] getResult()
   {
     byte[] result = new byte[DIGEST_LENGTH];
@@ -154,12 +156,14 @@ public class MD2
     return result;
   }
 
+  @Override
   protected void resetContext()
   {
     checksum = new byte[BLOCK_LENGTH];
     work = new byte[BLOCK_LENGTH * 3];
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
@@ -180,6 +184,7 @@ public class MD2
    * @return the bytes to pad the remaining bytes in the buffer before
    * completing a hash operation.
    */
+  @Override
   protected byte[] padBuffer()
   {
     int length = BLOCK_LENGTH - (int) (count % BLOCK_LENGTH);
@@ -199,6 +204,7 @@ public class MD2
    * @param in the byte array to take the <code>BLOCK_LENGTH</code> bytes from.
    * @param off the offset to start from in the given byte array.
    */
+  @Override
   protected void transform(byte[] in, int off)
   {
     updateCheckSumAndEncryptBlock(in, off);
diff --git a/gnu/java/security/hash/MD4.java b/gnu/java/security/hash/MD4.java
index e6ac11bc8..c01c938e8 100644
--- a/gnu/java/security/hash/MD4.java
+++ b/gnu/java/security/hash/MD4.java
@@ -1,5 +1,5 @@
 /* MD4.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -105,14 +105,16 @@ public class MD4
     this.c = that.c;
     this.d = that.d;
     this.count = that.count;
-    this.buffer = (byte[]) that.buffer.clone();
+    this.buffer = that.buffer.clone();
   }
-
+  
+  @Override
   public Object clone()
   {
     return new MD4(this);
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -122,6 +124,7 @@ public class MD4
         (byte) d, (byte)(d >>> 8), (byte)(d >>> 16), (byte)(d >>> 24) };
   }
 
+  @Override
   protected void resetContext()
   {
     a = A;
@@ -130,16 +133,18 @@ public class MD4
     d = D;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
       {
-        String d = Util.toString(new MD4().digest());
-        valid = Boolean.valueOf(DIGEST0.equals(d));
+        String digest = Util.toString(new MD4().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(digest));
       }
     return valid.booleanValue();
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_LENGTH);
@@ -158,6 +163,7 @@ public class MD4
     return pad;
   }
 
+  @Override
   protected void transform(byte[] in, int i)
   {
     int X0 = (in[i++] & 0xFF)
diff --git a/gnu/java/security/hash/MD5.java b/gnu/java/security/hash/MD5.java
index dfffd3c80..045ccf04e 100644
--- a/gnu/java/security/hash/MD5.java
+++ b/gnu/java/security/hash/MD5.java
@@ -1,5 +1,5 @@
 /* MD5.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -88,14 +88,16 @@ public class MD5
     this.h2 = md.h2;
     this.h3 = md.h3;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new MD5(this);
   }
 
+  @Override
   protected synchronized void transform(byte[] in, int i)
   {
     int X0 = (in[i++] & 0xFF)
@@ -321,6 +323,7 @@ public class MD5
     h3 += D;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -341,6 +344,7 @@ public class MD5
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -350,6 +354,7 @@ public class MD5
         (byte) h3, (byte)(h3 >>> 8), (byte)(h3 >>> 16), (byte)(h3 >>> 24) };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic MD5/RIPEMD128 initialisation constants
@@ -359,6 +364,7 @@ public class MD5
     h3 = 0x10325476;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/RipeMD128.java b/gnu/java/security/hash/RipeMD128.java
index bd0adc5e0..9751ed707 100644
--- a/gnu/java/security/hash/RipeMD128.java
+++ b/gnu/java/security/hash/RipeMD128.java
@@ -1,5 +1,5 @@
 /* RipeMD128.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -114,14 +114,16 @@ public class RipeMD128
     this.h2 = md.h2;
     this.h3 = md.h3;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new RipeMD128(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     int A, B, C, D, Ap, Bp, Cp, Dp, T, s, i;
@@ -206,6 +208,7 @@ public class RipeMD128
     h0 = T;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -226,6 +229,7 @@ public class RipeMD128
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -236,6 +240,7 @@ public class RipeMD128
     };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic RIPEMD128 initialisation constants
@@ -245,6 +250,7 @@ public class RipeMD128
     h3 = 0x10325476;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/RipeMD160.java b/gnu/java/security/hash/RipeMD160.java
index 795f5a4b0..ea503c79f 100644
--- a/gnu/java/security/hash/RipeMD160.java
+++ b/gnu/java/security/hash/RipeMD160.java
@@ -1,5 +1,5 @@
 /* RipeMD160.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -118,14 +118,16 @@ public class RipeMD160
     this.h3 = md.h3;
     this.h4 = md.h4;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return (new RipeMD160(this));
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     int A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, T, s, i;
@@ -238,6 +240,7 @@ public class RipeMD160
     h0 = T;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -258,6 +261,7 @@ public class RipeMD160
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -269,6 +273,7 @@ public class RipeMD160
     };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic RIPEMD160 initialisation constants
@@ -279,6 +284,7 @@ public class RipeMD160
     h4 = 0xC3D2E1F0;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Sha160.java b/gnu/java/security/hash/Sha160.java
index 88bf0e405..981a36db1 100644
--- a/gnu/java/security/hash/Sha160.java
+++ b/gnu/java/security/hash/Sha160.java
@@ -1,5 +1,5 @@
 /* Sha160.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -102,7 +102,7 @@ public class Sha160
     this.h3 = md.h3;
     this.h4 = md.h4;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
   public static final int[] G(int hh0, int hh1, int hh2, int hh3, int hh4,
@@ -111,11 +111,13 @@ public class Sha160
     return sha(hh0, hh1, hh2, hh3, hh4, in, offset);
   }
 
+  @Override
   public Object clone()
   {
     return new Sha160(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     int[] result = sha(h0, h1, h2, h3, h4, in, offset);
@@ -126,6 +128,7 @@ public class Sha160
     h4 = result[4];
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -146,6 +149,7 @@ public class Sha160
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -156,6 +160,7 @@ public class Sha160
         (byte)(h4 >>> 24), (byte)(h4 >>> 16), (byte)(h4 >>> 8), (byte) h4 };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic SHA-1/RIPEMD160 initialisation constants
@@ -166,6 +171,7 @@ public class Sha160
     h4 = 0xC3D2E1F0;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Sha256.java b/gnu/java/security/hash/Sha256.java
index 76e28d4e0..b411851ac 100644
--- a/gnu/java/security/hash/Sha256.java
+++ b/gnu/java/security/hash/Sha256.java
@@ -1,5 +1,5 @@
 /* Sha256.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -110,7 +110,7 @@ public class Sha256
     this.h6 = md.h6;
     this.h7 = md.h7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
   public static final int[] G(int hh0, int hh1, int hh2, int hh3, int hh4,
@@ -118,12 +118,14 @@ public class Sha256
   {
     return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset);
   }
-
+  
+  @Override
   public Object clone()
   {
     return new Sha256(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     int[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset);
@@ -137,6 +139,7 @@ public class Sha256
     h7 = result[7];
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -157,6 +160,7 @@ public class Sha256
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -170,6 +174,7 @@ public class Sha256
         (byte)(h7 >>> 24), (byte)(h7 >>> 16), (byte)(h7 >>> 8), (byte) h7 };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic SHA-256 initialisation constants
@@ -183,6 +188,7 @@ public class Sha256
     h7 = 0x5be0cd19;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Sha384.java b/gnu/java/security/hash/Sha384.java
index 5fea4f3b1..4fb3d6b0f 100644
--- a/gnu/java/security/hash/Sha384.java
+++ b/gnu/java/security/hash/Sha384.java
@@ -1,5 +1,5 @@
 /* Sha384.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -121,7 +121,7 @@ public class Sha384
     this.h6 = md.h6;
     this.h7 = md.h7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
   public static final long[] G(long hh0, long hh1, long hh2, long hh3,
@@ -131,11 +131,13 @@ public class Sha384
     return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset);
   }
 
+  @Override
   public Object clone()
   {
     return new Sha384(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     long[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset);
@@ -149,6 +151,7 @@ public class Sha384
     h7 = result[7];
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -171,6 +174,7 @@ public class Sha384
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -188,6 +192,7 @@ public class Sha384
         (byte)(h5 >>> 24), (byte)(h5 >>> 16), (byte)(h5 >>>  8), (byte) h5 };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic SHA-384 initialisation constants
@@ -201,6 +206,7 @@ public class Sha384
     h7 = 0x47b5481dbefa4fa4L;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Sha512.java b/gnu/java/security/hash/Sha512.java
index 17c4323fa..65c486737 100644
--- a/gnu/java/security/hash/Sha512.java
+++ b/gnu/java/security/hash/Sha512.java
@@ -1,5 +1,5 @@
 /* Sha512.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -121,7 +121,7 @@ public class Sha512
     this.h6 = md.h6;
     this.h7 = md.h7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
   public static final long[] G(long hh0, long hh1, long hh2, long hh3,
@@ -131,11 +131,13 @@ public class Sha512
     return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset);
   }
 
+  @Override
   public Object clone()
   {
     return new Sha512(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     long[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset);
@@ -149,6 +151,7 @@ public class Sha512
     h7 = result[7];
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -171,6 +174,7 @@ public class Sha512
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -192,6 +196,7 @@ public class Sha512
         (byte)(h7 >>> 24), (byte)(h7 >>> 16), (byte)(h7 >>>  8), (byte) h7 };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic SHA-512 initialisation constants
@@ -205,6 +210,7 @@ public class Sha512
     h7 = 0x5be0cd19137e2179L;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Tiger.java b/gnu/java/security/hash/Tiger.java
index d2993db9f..d62cf7ba1 100644
--- a/gnu/java/security/hash/Tiger.java
+++ b/gnu/java/security/hash/Tiger.java
@@ -1,5 +1,5 @@
 /* Tiger.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -456,14 +456,16 @@ public class Tiger
     this.b = that.b;
     this.c = that.c;
     this.count = that.count;
-    this.buffer = (that.buffer != null) ? (byte[]) that.buffer.clone() : null;
+    this.buffer = (that.buffer != null) ? that.buffer.clone() : null;
   }
 
+  @Override
   public Object clone()
   {
     return new Tiger(this);
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
@@ -474,6 +476,7 @@ public class Tiger
     return valid.booleanValue();
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -492,6 +495,7 @@ public class Tiger
     return pad;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -503,6 +507,7 @@ public class Tiger
         (byte)(c >>> 32), (byte)(c >>> 40), (byte)(c >>> 48), (byte)(c >>> 56) };
   }
 
+  @Override
   protected void resetContext()
   {
     a = A;
@@ -510,6 +515,7 @@ public class Tiger
     c = C;
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     long x0, x1, x2, x3, x4, x5, x6, x7;
diff --git a/gnu/java/security/hash/Whirlpool.java b/gnu/java/security/hash/Whirlpool.java
index bb1174e2e..720f17f06 100644
--- a/gnu/java/security/hash/Whirlpool.java
+++ b/gnu/java/security/hash/Whirlpool.java
@@ -1,5 +1,5 @@
 /* Whirlpool.java --
-   Copyright (C) 2001, 2002, 2006, 2010, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2010, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -284,14 +284,16 @@ public final class Whirlpool
     this.H6 = md.H6;
     this.H7 = md.H7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return (new Whirlpool(this));
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     // apply mu to the input
@@ -539,6 +541,7 @@ public final class Whirlpool
     H7 ^= w7 ^ n7;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     // [WHIRLPOOL] p. 6:
@@ -569,6 +572,7 @@ public final class Whirlpool
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     // apply inverse mu to the context
@@ -592,11 +596,13 @@ public final class Whirlpool
 
   }
 
+  @Override
   protected void resetContext()
   {
     H0 = H1 = H2 = H3 = H4 = H5 = H6 = H7 = 0L;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/jce/hash/MessageDigestAdapter.java b/gnu/java/security/jce/hash/MessageDigestAdapter.java
index 2651ecf92..d0947b86f 100644
--- a/gnu/java/security/jce/hash/MessageDigestAdapter.java
+++ b/gnu/java/security/jce/hash/MessageDigestAdapter.java
@@ -1,5 +1,5 @@
 /* MessageDigestAdapter.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -89,31 +89,37 @@ class MessageDigestAdapter
     this.adaptee = adaptee;
   }
 
+  @Override
   public Object clone()
   {
     return new MessageDigestAdapter((IMessageDigest) adaptee.clone());
   }
 
+  @Override
   public int engineGetDigestLength()
   {
     return adaptee.hashSize();
   }
-
+  
+  @Override
   public void engineUpdate(byte input)
   {
     adaptee.update(input);
   }
 
+  @Override
   public void engineUpdate(byte[] input, int offset, int len)
   {
     adaptee.update(input, offset, len);
   }
 
+  @Override
   public byte[] engineDigest()
   {
     return adaptee.digest();
   }
 
+  @Override
   public int engineDigest(byte[] buf, int offset, int len)
       throws DigestException
   {
@@ -126,6 +132,7 @@ class MessageDigestAdapter
     return result;
   }
 
+  @Override
   public void engineReset()
   {
     adaptee.reset();
diff --git a/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java b/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
index 971cffe92..9ab5a53f7 100644
--- a/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
+++ b/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
@@ -1,5 +1,5 @@
 /* DSSKeyPairGeneratorSpi.java --
-   Copyright 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -67,11 +67,13 @@ public class DSSKeyPairGeneratorSpi
     super(Registry.DSS_KPG);
   }
 
+  @Override
   public void initialize(int keysize, SecureRandom random)
   {
     this.initialize(keysize, false, random);
   }
 
+  @Override
   public void initialize(AlgorithmParameterSpec params, SecureRandom random)
       throws InvalidAlgorithmParameterException
   {
diff --git a/gnu/java/security/jce/sig/DSSParametersGenerator.java b/gnu/java/security/jce/sig/DSSParametersGenerator.java
index 09c138610..cad1fb380 100644
--- a/gnu/java/security/jce/sig/DSSParametersGenerator.java
+++ b/gnu/java/security/jce/sig/DSSParametersGenerator.java
@@ -1,5 +1,5 @@
 /* DSSParametersGenerator.java -- JCE Adapter for a generator of DSS parameters
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,7 +73,7 @@ public class DSSParametersGenerator
   private FIPS186 fips;
 
   // default 0-arguments constructor
-
+  @Override
   protected void engineInit(int size, SecureRandom random)
   {
     if ((size % 64) != 0 || size < 512 || size > 1024)
@@ -85,6 +85,7 @@ public class DSSParametersGenerator
     this.rnd = random;
   }
 
+  @Override
   protected void engineInit(AlgorithmParameterSpec spec, SecureRandom random)
       throws InvalidAlgorithmParameterException
   {
@@ -97,6 +98,7 @@ public class DSSParametersGenerator
     this.engineInit(size, random);
   }
 
+  @Override
   protected AlgorithmParameters engineGenerateParameters()
   {
     if (modulusLength < 1)
diff --git a/gnu/java/security/jce/sig/EncodedKeyFactory.java b/gnu/java/security/jce/sig/EncodedKeyFactory.java
index df8bb14b1..9f866fa07 100644
--- a/gnu/java/security/jce/sig/EncodedKeyFactory.java
+++ b/gnu/java/security/jce/sig/EncodedKeyFactory.java
@@ -1,5 +1,5 @@
 /* EncodedKeyFactory.java -- JCE Encoded key factory Adapter
-   Copyright (C) 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -305,7 +305,7 @@ public class EncodedKeyFactory
    * @return an instance of {@link DSSPublicKey} constructed from the
    *         information in the designated key-specification.
    */
-  private DSSPublicKey decodeDSSPublicKey(DSAPublicKeySpec spec)
+  private static DSSPublicKey decodeDSSPublicKey(DSAPublicKeySpec spec)
   {
     BigInteger p = spec.getP();
     BigInteger q = spec.getQ();
@@ -319,7 +319,7 @@ public class EncodedKeyFactory
    * @return an instance of {@link GnuRSAPublicKey} constructed from the
    *         information in the designated key-specification.
    */
-  private GnuRSAPublicKey decodeRSAPublicKey(RSAPublicKeySpec spec)
+  private static GnuRSAPublicKey decodeRSAPublicKey(RSAPublicKeySpec spec)
   {
     BigInteger n = spec.getModulus();
     BigInteger e = spec.getPublicExponent();
@@ -334,7 +334,7 @@ public class EncodedKeyFactory
    *           {@link DHPublicKey} interface exists at run-time, or if an
    *           exception occurs during its instantiation.
    */
-  private DHPublicKey decodeDHPublicKey(DHPublicKeySpec spec)
+  private static DHPublicKey decodeDHPublicKey(DHPublicKeySpec spec)
       throws InvalidKeySpecException
   {
     BigInteger p = spec.getP();
@@ -355,7 +355,7 @@ public class EncodedKeyFactory
    *           {@link DHPublicKey} interface exists at run-time, or if an
    *           exception occurs during its instantiation.
    */
-  private DHPublicKey decodeDHPublicKey(byte[] encoded)
+  private static DHPublicKey decodeDHPublicKey(byte[] encoded)
       throws InvalidKeySpecException
   {
     Object obj = invokeValueOf("gnu.javax.crypto.key.dh.GnuDHPublicKey",
@@ -368,7 +368,7 @@ public class EncodedKeyFactory
    * @return an instance of {@link DSSPrivateKey} constructed from the
    *         information in the designated key-specification.
    */
-  private PrivateKey decodeDSSPrivateKey(DSAPrivateKeySpec spec)
+  private static PrivateKey decodeDSSPrivateKey(DSAPrivateKeySpec spec)
   {
     BigInteger p = spec.getP();
     BigInteger q = spec.getQ();
@@ -382,7 +382,7 @@ public class EncodedKeyFactory
    * @return an instance of {@link GnuRSAPrivateKey} constructed from the
    *         information in the designated key-specification.
    */
-  private PrivateKey decodeRSAPrivateKey(RSAPrivateCrtKeySpec spec)
+  private static PrivateKey decodeRSAPrivateKey(RSAPrivateCrtKeySpec spec)
   {
     BigInteger n = spec.getModulus();
     BigInteger e = spec.getPublicExponent();
@@ -404,7 +404,7 @@ public class EncodedKeyFactory
    *           {@link DHPrivateKey} interface exists at run-time, or if an
    *           exception occurs during its instantiation.
    */
-  private DHPrivateKey decodeDHPrivateKey(DHPrivateKeySpec spec)
+  private static DHPrivateKey decodeDHPrivateKey(DHPrivateKeySpec spec)
       throws InvalidKeySpecException
   {
     BigInteger p = spec.getP();
@@ -425,7 +425,7 @@ public class EncodedKeyFactory
    *           {@link DHPrivateKey} interface exists at run-time, or if an
    *           exception occurs during its instantiation.
    */
-  private DHPrivateKey decodeDHPrivateKey(byte[] encoded)
+  private static DHPrivateKey decodeDHPrivateKey(byte[] encoded)
       throws InvalidKeySpecException
   {
     Object obj = invokeValueOf("gnu.javax.crypto.key.dh.GnuDHPrivateKey",
diff --git a/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java b/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
index cd612aaa5..8ad0c3d8b 100644
--- a/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
+++ b/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
@@ -83,12 +83,15 @@ public abstract class KeyPairGeneratorAdapter
     this.adaptee = KeyPairGeneratorFactory.getInstance(localiseName(kpgName));
   }
 
+  @Override
   public abstract void initialize(int keysize, SecureRandom random);
 
+  @Override
   public abstract void initialize(AlgorithmParameterSpec params,
                                   SecureRandom random)
       throws InvalidAlgorithmParameterException;
 
+  @Override
   public KeyPair generateKeyPair()
   {
     if (!adaptee.isInitialized())
@@ -133,7 +136,6 @@ public abstract class KeyPairGeneratorAdapter
    */
   private static String localiseName(String kpgName)
   {
-    /**
     if ("DiffieHellman".equals(kpgName))
       return Registry.DH_KPG;
     if ("DH".equals(kpgName))
@@ -142,7 +144,6 @@ public abstract class KeyPairGeneratorAdapter
       return Registry.DSA_KPG;
     if ("RSA".equals(kpgName))
       return Registry.RSA_KPG;
-    */
     return kpgName;
   }
 
diff --git a/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java b/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java
index fa3cbd5a8..aab10ff98 100644
--- a/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java
+++ b/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java
@@ -1,5 +1,5 @@
 /* RSAKeyPairGeneratorSpi.java -- JCE RSA KeyPairGenerator Adapter
-   Copyright (C) 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -63,6 +63,7 @@ public class RSAKeyPairGeneratorSpi
     super(Registry.RSA_KPG);
   }
 
+  @Override
   public void initialize(int keysize, SecureRandom random)
   {
     HashMap<String,Object> attributes = new HashMap<String,Object>();
@@ -75,6 +76,7 @@ public class RSAKeyPairGeneratorSpi
     adaptee.setup(attributes);
   }
 
+  @Override
   public void initialize(AlgorithmParameterSpec params, SecureRandom random)
       throws InvalidAlgorithmParameterException
   {
diff --git a/gnu/java/security/jce/sig/SignatureAdapter.java b/gnu/java/security/jce/sig/SignatureAdapter.java
index 7f7c1569f..7fe391ee2 100644
--- a/gnu/java/security/jce/sig/SignatureAdapter.java
+++ b/gnu/java/security/jce/sig/SignatureAdapter.java
@@ -1,5 +1,5 @@
 /* SignatureAdapter.java --
-   Copyright 2001, 2002, 2006, 2010, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2006, 2010, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -39,7 +39,6 @@ exception statement from your version.  */
 package gnu.java.security.jce.sig;
 
 import gnu.java.security.Configuration;
-import gnu.java.security.sig.BaseSignature;
 import gnu.java.security.sig.ISignature;
 import gnu.java.security.sig.ISignatureCodec;
 import gnu.java.security.sig.SignatureFactory;
@@ -109,6 +108,7 @@ class SignatureAdapter
     this.codec = codec;
   }
 
+  @Override
   public Object clone()
   {
     return new SignatureAdapter((ISignature) adaptee.clone(), codec);
@@ -118,7 +118,7 @@ class SignatureAdapter
   public void engineInitVerify(PublicKey publicKey) throws InvalidKeyException
   {
     HashMap<String,Object> attributes = new HashMap<String,Object>();
-    attributes.put(BaseSignature.VERIFIER_KEY, publicKey);
+    attributes.put(ISignature.VERIFIER_KEY, publicKey);
     try
       {
         adaptee.setupVerify(attributes);
@@ -133,7 +133,7 @@ class SignatureAdapter
   public void engineInitSign(PrivateKey privateKey) throws InvalidKeyException
   {
     HashMap<String,Object> attributes = new HashMap<String,Object>();
-    attributes.put(BaseSignature.SIGNER_KEY, privateKey);
+    attributes.put(ISignature.SIGNER_KEY, privateKey);
     try
       {
         adaptee.setupSign(attributes);
@@ -149,8 +149,8 @@ class SignatureAdapter
       throws InvalidKeyException
   {
     HashMap<String,Object> attributes = new HashMap<String,Object>();
-    attributes.put(BaseSignature.SIGNER_KEY, privateKey);
-    attributes.put(BaseSignature.SOURCE_OF_RANDOMNESS, random);
+    attributes.put(ISignature.SIGNER_KEY, privateKey);
+    attributes.put(ISignature.SOURCE_OF_RANDOMNESS, random);
     try
       {
         adaptee.setupSign(attributes);
diff --git a/gnu/java/security/key/KeyPairCodecFactory.java b/gnu/java/security/key/KeyPairCodecFactory.java
index b4d96e2e2..70d8ea44c 100644
--- a/gnu/java/security/key/KeyPairCodecFactory.java
+++ b/gnu/java/security/key/KeyPairCodecFactory.java
@@ -1,5 +1,5 @@
 /* KeyPairCodecFactory.java --
-   Copyright 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -154,13 +154,14 @@ public class KeyPairCodecFactory
         return getX509Codec(name);
       case Registry.PKCS8_ENCODING_ID:
         return getPKCS8Codec(name);
+      default:
+	return null;
       }
 
-    return null;
   }
 
   /**
-   * Returns an instance of a keypair codec given a key.
+   * Returns an instance of a keypair codec, given a key.
    *
    * @param key the key to encode.
    * @return an instance of the keypair codec, or <code>null</code> if none
@@ -184,9 +185,10 @@ public class KeyPairCodecFactory
         return getX509Codec(key);
       case Registry.PKCS8_ENCODING_ID:
         return getPKCS8Codec(key);
+      default:
+	return null;
       }
 
-    return null;
   }
 
   /**
diff --git a/gnu/java/security/key/dss/DSSKey.java b/gnu/java/security/key/dss/DSSKey.java
index ed356ef38..e46ec0a72 100644
--- a/gnu/java/security/key/dss/DSSKey.java
+++ b/gnu/java/security/key/dss/DSSKey.java
@@ -1,5 +1,5 @@
 /* DSSKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -50,6 +50,7 @@ import java.security.Key;
 import java.security.interfaces.DSAKey;
 import java.security.interfaces.DSAParams;
 import java.security.spec.DSAParameterSpec;
+import java.util.Objects;
 
 /**
  * A base asbtract class for both public and private DSS (Digital Signature
@@ -128,22 +129,26 @@ public abstract class DSSKey
     this.g = g;
   }
 
+  @Override
   public DSAParams getParams()
   {
     return new DSAParameterSpec(p, q, g);
   }
 
+  @Override
   public String getAlgorithm()
   {
     return "DSA";
   }
 
   /** @deprecated see getEncoded(int). */
+  @Override @Deprecated
   public byte[] getEncoded()
   {
     return getEncoded(defaultFormat);
   }
 
+  @Override
   public String getFormat()
   {
     return FormatUtil.getEncodingShortName(defaultFormat);
@@ -163,6 +168,7 @@ public abstract class DSSKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(Object obj)
   {
     if (hasInheritedParameters())
@@ -180,11 +186,24 @@ public abstract class DSSKey
            && g.equals(that.getParams().getG());
   }
 
+  /**
+   * Returns the hash code of the key, computed from its
+   * parameter values.
+   *
+   * @return the hash code.
+   */
+  @Override
+  public int hashCode()
+  {
+    return Objects.hash(p, q, g);
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged(new GetPropertyAction("line.separator"));
+        String ls = AccessController.doPrivileged(new GetPropertyAction("line.separator"));
         CPStringBuilder sb = new CPStringBuilder(ls)
             .append("defaultFormat=").append(defaultFormat).append(",")
             .append(ls);
diff --git a/gnu/java/security/key/dss/DSSKeyPairGenerator.java b/gnu/java/security/key/dss/DSSKeyPairGenerator.java
index fe1eeb683..439377d6b 100644
--- a/gnu/java/security/key/dss/DSSKeyPairGenerator.java
+++ b/gnu/java/security/key/dss/DSSKeyPairGenerator.java
@@ -288,12 +288,9 @@ public class DSSKeyPairGenerator
 		  throw new IllegalArgumentException(
                     "Does not provide default parameters for " + L
                     + "-bit modulus length");
-		else
-		  {
-		    p = null;
-		    q = null;
-		    g = null;
-		  }
+		p = null;
+		q = null;
+		g = null;
 	      }
 	  }
 	else
@@ -326,7 +323,6 @@ public class DSSKeyPairGenerator
   {
     if (p == null)
       {
-	System.err.println("Attempting to generate parameters for modulus of length " + L);
         BigInteger[] params = new FIPS186(L, rnd).generateParameters();
         seed = params[FIPS186.DSA_PARAMS_SEED];
         counter = params[FIPS186.DSA_PARAMS_COUNTER];
diff --git a/gnu/java/security/key/dss/DSSKeyPairRawCodec.java b/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
index 5b93c6b1e..f0dc0d7a3 100644
--- a/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
+++ b/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
@@ -1,5 +1,6 @@
 /* DSSKeyPairRawCodec.java --
-   Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -55,6 +56,7 @@ public class DSSKeyPairRawCodec
 {
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -99,6 +101,7 @@ public class DSSKeyPairRawCodec
    *           (Digital Signature Standard) one.
    * @see Registry#MAGIC_RAW_DSS_PUBLIC_KEY
    */
+  @Override
   public byte[] encodePublicKey(PublicKey key)
   {
     if (! (key instanceof DSSPublicKey))
@@ -148,6 +151,7 @@ public class DSSKeyPairRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public PublicKey decodePublicKey(byte[] k)
   {
     // magic
@@ -241,6 +245,7 @@ public class DSSKeyPairRawCodec
    * @throws IllegalArgumentException if the designated key is not a DSS
    *           (Digital Signature Standard) one.
    */
+  @Override
   public byte[] encodePrivateKey(PrivateKey key)
   {
     if (! (key instanceof DSSPrivateKey))
@@ -290,6 +295,7 @@ public class DSSKeyPairRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public PrivateKey decodePrivateKey(byte[] k)
   {
     // magic
diff --git a/gnu/java/security/key/dss/DSSKeyPairX509Codec.java b/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
index 678924851..11bd22ef1 100644
--- a/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
+++ b/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
@@ -1,5 +1,5 @@
 /* DSSKeyPairX509Codec.java -- X.509 Encoding/Decoding handler
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -67,6 +67,7 @@ public class DSSKeyPairX509Codec
 
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return X509_FORMAT;
@@ -116,6 +117,7 @@ public class DSSKeyPairX509Codec
    *        of {@link DSSPublicKey} or if an exception occurs during the
    *        marshalling process.
    */
+  @Override
   public byte[] encodePublicKey(PublicKey key)
   {
     if (! (key instanceof DSSPublicKey))
@@ -179,6 +181,7 @@ public class DSSKeyPairX509Codec
   /**
    * @throws InvalidParameterException ALWAYS.
    */
+  @Override
   public byte[] encodePrivateKey(PrivateKey key)
   {
     throw new InvalidParameterException("Wrong format for private keys");
@@ -192,6 +195,7 @@ public class DSSKeyPairX509Codec
    * @throw InvalidParameterException if an exception occurs during the
    *        unmarshalling process.
    */
+  @Override
   public PublicKey decodePublicKey(byte[] input)
   {
     if (input == null)
@@ -269,6 +273,7 @@ public class DSSKeyPairX509Codec
   /**
    * @throws InvalidParameterException ALWAYS.
    */
+  @Override
   public PrivateKey decodePrivateKey(byte[] input)
   {
     throw new InvalidParameterException("Wrong format for private keys");
diff --git a/gnu/java/security/key/dss/DSSPrivateKey.java b/gnu/java/security/key/dss/DSSPrivateKey.java
index 4b3ccc72d..134c977ec 100644
--- a/gnu/java/security/key/dss/DSSPrivateKey.java
+++ b/gnu/java/security/key/dss/DSSPrivateKey.java
@@ -1,5 +1,6 @@
 /* DSSPrivateKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -47,7 +48,6 @@ import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
 import java.security.AccessController;
-import java.security.PrivateKey;
 import java.security.interfaces.DSAPrivateKey;
 
 /**
@@ -57,7 +57,7 @@ import java.security.interfaces.DSAPrivateKey;
  */
 public class DSSPrivateKey
     extends DSSKey
-    implements PrivateKey, DSAPrivateKey
+    implements DSAPrivateKey
 {
   private static final long serialVersionUID = -4273348785094844114L;
 
@@ -135,6 +135,7 @@ public class DSSPrivateKey
     return (DSSPrivateKey) new DSSKeyPairPKCS8Codec().decodePrivateKey(k);
   }
 
+  @Override
   public BigInteger getX()
   {
     return x;
@@ -150,6 +151,7 @@ public class DSSPrivateKey
    * @exception IllegalArgumentException if the format is not supported.
    * @see DSSKeyPairRawCodec
    */
+  @Override
   public byte[] getEncoded(int format)
   {
     byte[] result;
@@ -177,6 +179,7 @@ public class DSSPrivateKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(Object obj)
   {
     if (obj == null)
@@ -189,11 +192,26 @@ public class DSSPrivateKey
     return super.equals(that) && x.equals(that.getX());
   }
 
+  /**
+   * Provides a hash code for this object using the DSA
+   * parameter values, mirroring the {@link #equals(Object)}
+   * implementation.
+   *
+   * @return the hash code of this object.
+   * @see #equals(Object)
+   */
+  @Override
+  public int hashCode()
+  {
+    return 31 * super.hashCode() + x.hashCode();
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
diff --git a/gnu/java/security/key/dss/DSSPublicKey.java b/gnu/java/security/key/dss/DSSPublicKey.java
index 0f4c08e78..91031c9e7 100644
--- a/gnu/java/security/key/dss/DSSPublicKey.java
+++ b/gnu/java/security/key/dss/DSSPublicKey.java
@@ -1,5 +1,6 @@
 /* DSSPublicKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -46,7 +47,6 @@ import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
 import java.security.AccessController;
-import java.security.PublicKey;
 import java.security.interfaces.DSAPublicKey;
 
 /**
@@ -56,7 +56,7 @@ import java.security.interfaces.DSAPublicKey;
  */
 public class DSSPublicKey
     extends DSSKey
-    implements PublicKey, DSAPublicKey
+    implements DSAPublicKey
 {
   private  static final long serialVersionUID = 4662188565230532792L;
 
@@ -134,6 +134,7 @@ public class DSSPublicKey
     return (DSSPublicKey) new DSSKeyPairX509Codec().decodePublicKey(k);
   }
 
+  @Override
   public BigInteger getY()
   {
     return y;
@@ -149,6 +150,7 @@ public class DSSPublicKey
    * @exception IllegalArgumentException if the format is not supported.
    * @see DSSKeyPairRawCodec
    */
+  @Override
   public byte[] getEncoded(int format)
   {
     byte[] result;
@@ -176,6 +178,7 @@ public class DSSPublicKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(Object obj)
   {
     if (obj == null)
@@ -188,11 +191,26 @@ public class DSSPublicKey
     return super.equals(that) && y.equals(that.getY());
   }
 
+  /**
+   * Provides a hash code for this object using the DSA
+   * parameter values, mirroring the {@link #equals(Object)}
+   * implementation.
+   *
+   * @return the hash code of this object.
+   * @see #equals(Object)
+   */
+  @Override
+  public int hashCode()
+  {
+    return 31 * super.hashCode() + y.hashCode();
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
diff --git a/gnu/java/security/key/rsa/GnuRSAKey.java b/gnu/java/security/key/rsa/GnuRSAKey.java
index 543ebdc56..8954f7574 100644
--- a/gnu/java/security/key/rsa/GnuRSAKey.java
+++ b/gnu/java/security/key/rsa/GnuRSAKey.java
@@ -48,6 +48,7 @@ import java.math.BigInteger;
 import java.security.AccessController;
 import java.security.Key;
 import java.security.interfaces.RSAKey;
+import java.util.Objects;
 
 /**
  * A base asbtract class for both public and private RSA keys.
@@ -90,22 +91,26 @@ public abstract class GnuRSAKey
     this.e = e;
   }
 
+  @Override
   public BigInteger getModulus()
   {
     return getN();
   }
 
+  @Override
   public String getAlgorithm()
   {
     return "RSA";
   }
 
   /** @deprecated see getEncoded(int). */
+  @Override @Deprecated
   public byte[] getEncoded()
   {
     return getEncoded(defaultFormat);
   }
 
+  @Override
   public String getFormat()
   {
     return FormatUtil.getEncodingShortName(defaultFormat);
@@ -149,6 +154,7 @@ public abstract class GnuRSAKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(final Object obj)
   {
     if (obj == null)
@@ -161,11 +167,24 @@ public abstract class GnuRSAKey
     return n.equals(that.getModulus());
   }
 
+  /**
+   * Provides a hash code for this object using the RSA
+   * modulus.
+   *
+   * @return the hash code of this object.
+   */
+  @Override
+  public int hashCode()
+  {
+    return Objects.hash(n);
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(ls)
             .append("defaultFormat=").append(defaultFormat).append(",").append(ls)
diff --git a/gnu/java/security/key/rsa/GnuRSAPrivateKey.java b/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
index 379650a81..5bc4dd878 100644
--- a/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
+++ b/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
@@ -1,5 +1,6 @@
 /* GnuRSAPrivateKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -47,9 +48,9 @@ import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
 import java.security.AccessController;
-import java.security.PrivateKey;
 import java.security.interfaces.RSAPrivateCrtKey;
 import java.security.interfaces.RSAPrivateKey;
+import java.util.Objects;
 
 /**
  * An object that embodies an RSA private key.
@@ -65,7 +66,7 @@ import java.security.interfaces.RSAPrivateKey;
  */
 public class GnuRSAPrivateKey
     extends GnuRSAKey
-    implements PrivateKey, RSAPrivateCrtKey
+    implements RSAPrivateCrtKey
 {
   private static final long serialVersionUID = -2208207842306185913L;
 
@@ -198,31 +199,37 @@ public class GnuRSAPrivateKey
     return (GnuRSAPrivateKey) new RSAKeyPairPKCS8Codec().decodePrivateKey(k);
   }
 
+  @Override
   public BigInteger getPrimeP()
   {
     return p;
   }
 
+  @Override
   public BigInteger getPrimeQ()
   {
     return q;
   }
 
+  @Override
   public BigInteger getPrimeExponentP()
   {
     return dP;
   }
 
+  @Override
   public BigInteger getPrimeExponentQ()
   {
     return dQ;
   }
 
+  @Override
   public BigInteger getCrtCoefficient()
   {
     return qInv;
   }
 
+  @Override
   public BigInteger getPrivateExponent()
   {
     return d;
@@ -239,6 +246,7 @@ public class GnuRSAPrivateKey
    * @see RSAKeyPairRawCodec
    * @see RSAKeyPairPKCS8Codec
    */
+  @Override
   public byte[] getEncoded(int format)
   {
     final byte[] result;
@@ -265,6 +273,7 @@ public class GnuRSAPrivateKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(final Object obj)
   {
     if (obj == null)
@@ -287,11 +296,24 @@ public class GnuRSAPrivateKey
     return false;
   }
 
+  /**
+   * Provides a hash code for this object using the RSA
+   * parameter values.
+   *
+   * @return the hash code of this object.
+   */
+  @Override
+  public int hashCode()
+  {
+    return Objects.hash(p, q, dP, dQ, qInv);
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
diff --git a/gnu/java/security/key/rsa/GnuRSAPublicKey.java b/gnu/java/security/key/rsa/GnuRSAPublicKey.java
index b8e1ea5b1..917012ce3 100644
--- a/gnu/java/security/key/rsa/GnuRSAPublicKey.java
+++ b/gnu/java/security/key/rsa/GnuRSAPublicKey.java
@@ -1,5 +1,6 @@
 /* GnuRSAPublicKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -46,7 +47,6 @@ import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
 import java.security.AccessController;
-import java.security.PublicKey;
 import java.security.interfaces.RSAPublicKey;
 
 /**
@@ -63,7 +63,7 @@ import java.security.interfaces.RSAPublicKey;
  */
 public class GnuRSAPublicKey
     extends GnuRSAKey
-    implements PublicKey, RSAPublicKey
+    implements RSAPublicKey
 {
   private static final long serialVersionUID = -1206860366945100193L;
 
@@ -137,6 +137,7 @@ public class GnuRSAPublicKey
    * @throws IllegalArgumentException if the format is not supported.
    * @see RSAKeyPairRawCodec
    */
+  @Override
   public byte[] getEncoded(final int format)
   {
     final byte[] result;
@@ -163,6 +164,7 @@ public class GnuRSAPublicKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(final Object obj)
   {
     if (obj == null)
@@ -176,11 +178,27 @@ public class GnuRSAPublicKey
            && getPublicExponent().equals(that.getPublicExponent());
   }
 
+  /**
+   * Provides a hash code for this object using the RSA
+   * modulus and public exponent, matching the comparisons
+   * used for the {@link #equals(Object)} implementation.
+   *
+   * @return the hash code of this object.
+   * @see #equals(Object)
+   */
+
+  @Override
+  public int hashCode()
+  {
+    return 31 * super.hashCode() + getPublicExponent().hashCode();
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
diff --git a/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java b/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
index ec9874d80..0eece5645 100644
--- a/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
+++ b/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
@@ -1,5 +1,5 @@
 /* RSAKeyPairPKCS8Codec.java -- PKCS#8 Encoding/Decoding handler
-   Copyright (C) 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -71,6 +71,7 @@ public class RSAKeyPairPKCS8Codec
 
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return PKCS8_FORMAT;
@@ -79,6 +80,7 @@ public class RSAKeyPairPKCS8Codec
   /**
    * @throws InvalidParameterException ALWAYS.
    */
+  @Override
   public byte[] encodePublicKey(PublicKey key)
   {
     throw new InvalidParameterException("Wrong format for public keys");
@@ -124,6 +126,7 @@ public class RSAKeyPairPKCS8Codec
    * @throw InvalidParameterException if an error occurs during the marshalling
    *        process.
    */
+  @Override
   public byte[] encodePrivateKey(PrivateKey key)
   {
     if (Configuration.DEBUG)
@@ -203,6 +206,7 @@ public class RSAKeyPairPKCS8Codec
   /**
    * @throws InvalidParameterException ALWAYS.
    */
+  @Override
   public PublicKey decodePublicKey(byte[] input)
   {
     throw new InvalidParameterException("Wrong format for public keys");
@@ -216,6 +220,7 @@ public class RSAKeyPairPKCS8Codec
    * @throw InvalidParameterException if an exception occurs during the
    *        unmarshalling process.
    */
+  @Override
   public PrivateKey decodePrivateKey(byte[] input)
   {
     if (Configuration.DEBUG)
diff --git a/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java b/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
index f088e794e..b3fb95334 100644
--- a/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
+++ b/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
@@ -1,5 +1,6 @@
 /* RSAKeyPairRawCodec.java --
-   Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -55,6 +56,7 @@ public class RSAKeyPairRawCodec
 {
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -87,6 +89,7 @@ public class RSAKeyPairRawCodec
    * @exception IllegalArgumentException if the designated key is not an RSA
    *                                     one.
    */
+  @Override
   public byte[] encodePublicKey(PublicKey key)
   {
     if (! (key instanceof GnuRSAPublicKey))
@@ -120,6 +123,7 @@ public class RSAKeyPairRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public PublicKey decodePublicKey(byte[] k)
   {
     // magic
@@ -194,6 +198,7 @@ public class RSAKeyPairRawCodec
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    */
+  @Override
   public byte[] encodePrivateKey(PrivateKey key)
   {
     if (! (key instanceof GnuRSAPrivateKey))
@@ -243,6 +248,7 @@ public class RSAKeyPairRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public PrivateKey decodePrivateKey(byte[] k)
   {
     // magic
diff --git a/gnu/java/security/pkcs/PKCS7SignedData.java b/gnu/java/security/pkcs/PKCS7SignedData.java
index eccd69141..ea62ec9dc 100644
--- a/gnu/java/security/pkcs/PKCS7SignedData.java
+++ b/gnu/java/security/pkcs/PKCS7SignedData.java
@@ -1,5 +1,6 @@
 /* PKCS7SignedData.java -- reader/writer for PKCS#7 signedData objects
-   Copyright (C) 2004, 2005, 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006, 2010, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -161,7 +162,7 @@ public class PKCS7SignedData
       throw new BEREncodingException("malformed ContentInfo");
 
     val = ber.read();
-    if (val.getTag() != BER.OBJECT_IDENTIFIER)
+    if (val.getTag() != DER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed ContentType");
 
     if (!PKCS7_SIGNED_DATA.equals(val.getValue()))
@@ -179,7 +180,7 @@ public class PKCS7SignedData
       log.fine("SignedData: " + val);
 
     val = ber.read();
-    if (val.getTag() != BER.INTEGER)
+    if (val.getTag() != DER.INTEGER)
       throw new BEREncodingException("expecting Version");
     version = (BigInteger) val.getValue();
     if (Configuration.DEBUG)
@@ -238,7 +239,7 @@ public class PKCS7SignedData
     if (Configuration.DEBUG)
       log.fine("  ContentInfo: " + val);
     val2 = ber.read();
-    if (val2.getTag() != BER.OBJECT_IDENTIFIER)
+    if (val2.getTag() != DER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed ContentType");
 
     contentType = (OID) val2.getValue();
@@ -295,20 +296,20 @@ public class PKCS7SignedData
           log.fine("  CertificateRevocationLists: " + val);
         count = 0;
         val2 = ber.read();
-        List<CRL> crls = new LinkedList<CRL>();
+        List<CRL> generatedCRLs = new LinkedList<CRL>();
         while (val2 != BER.END_OF_SEQUENCE &&
                (val.getLength() > 0 && val.getLength() > count))
           {
             CRL crl = x509.generateCRL(new ByteArrayInputStream(val2.getEncoded()));
             if (Configuration.DEBUG)
               log.fine("    CRL: " + crl);
-            crls.add(crl);
+            generatedCRLs.add(crl);
             count += val2.getEncodedLength();
             ber.skip(val2.getLength());
             if (BERValue.isIndefinite(val) || val.getLength() > count)
               val2 = ber.read();
           }
-        this.crls = crls.toArray(new CRL[crls.size()]);
+        crls = generatedCRLs.toArray(new CRL[generatedCRLs.size()]);
         val = ber.read();
       }
 
diff --git a/gnu/java/security/pkcs/SignerInfo.java b/gnu/java/security/pkcs/SignerInfo.java
index 155eaaefa..6547d437b 100644
--- a/gnu/java/security/pkcs/SignerInfo.java
+++ b/gnu/java/security/pkcs/SignerInfo.java
@@ -1,5 +1,6 @@
 /* SignerInfo.java -- a SignerInfo object, from PKCS #7
-   Copyright (C) 2004, 2005, 2010. 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2010. 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -108,7 +109,7 @@ public class SignerInfo
       throw new BEREncodingException("malformed SignerInfo");
 
     val = ber.read();
-    if (val.getTag() != BER.INTEGER)
+    if (val.getTag() != DER.INTEGER)
       throw new BEREncodingException("malformed Version");
 
     version = (BigInteger) val.getValue();
@@ -131,7 +132,7 @@ public class SignerInfo
       log.fine("    Issuer: " + issuer);
 
     val = ber.read();
-    if (val.getTag() != BER.INTEGER)
+    if (val.getTag() != DER.INTEGER)
       throw new BEREncodingException("malformed SerialNumber");
 
     serialNumber = (BigInteger) val.getValue();
@@ -145,7 +146,7 @@ public class SignerInfo
       log.fine("  DigestAlgorithmIdentifier: " + val);
 
     DERValue val2 = ber.read();
-    if (val2.getTag() != BER.OBJECT_IDENTIFIER)
+    if (val2.getTag() != DER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed AlgorithmIdentifier");
 
     digestAlgorithmId = (OID) val2.getValue();
@@ -205,7 +206,7 @@ public class SignerInfo
     if (Configuration.DEBUG)
       log.fine("  DigestEncryptionAlgorithmIdentifier: " + val);
     val2 = ber.read();
-    if (val2.getTag() != BER.OBJECT_IDENTIFIER)
+    if (val2.getTag() != DER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed AlgorithmIdentifier");
 
     digestEncryptionAlgorithmId = (OID) val2.getValue();
@@ -242,7 +243,7 @@ public class SignerInfo
                                  "    digestEncryptionAlgorithm params: "));
       }
     val = ber.read();
-    if (val.getTag() != BER.OCTET_STRING)
+    if (val.getTag() != DER.OCTET_STRING)
       throw new BEREncodingException("malformed EncryptedDigest");
 
     encryptedDigest = (byte[]) val.getValue();
diff --git a/gnu/java/security/prng/BasePRNG.java b/gnu/java/security/prng/BasePRNG.java
index 35b6c441a..d9453b558 100644
--- a/gnu/java/security/prng/BasePRNG.java
+++ b/gnu/java/security/prng/BasePRNG.java
@@ -1,5 +1,6 @@
 /* BasePRNG.java --
-   Copyright (C) 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -143,13 +144,13 @@ public abstract class BasePRNG
   }
 
   @Override  
-  public void addRandomBytes(byte[] buffer)
+  public void addRandomBytes(byte[] buf)
   {
-    addRandomBytes(buffer, 0, buffer.length);
+    addRandomBytes(buf, 0, buf.length);
   }
 
   @Override
-  public void addRandomBytes(byte[] buffer, int offset, int length)
+  public void addRandomBytes(byte[] buf, int offset, int length)
   {
     throw new UnsupportedOperationException("random state is non-modifiable");
   }
@@ -174,8 +175,8 @@ public abstract class BasePRNG
   public Object clone() throws CloneNotSupportedException
   {
     BasePRNG result = (BasePRNG) super.clone();
-    if (this.buffer != null)
-      result.buffer = (byte[]) this.buffer.clone();
+    if (buffer != null)
+      result.buffer = buffer.clone();
 
     return result;
   }
diff --git a/gnu/java/security/prng/MDGenerator.java b/gnu/java/security/prng/MDGenerator.java
index 66c1bd85a..781d139c8 100644
--- a/gnu/java/security/prng/MDGenerator.java
+++ b/gnu/java/security/prng/MDGenerator.java
@@ -1,5 +1,6 @@
 /* MDGenerator.java --
-   Copyright (C) 2001, 2002, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -54,7 +55,6 @@ import java.util.Map;
  */
 public class MDGenerator
     extends BasePRNG
-    implements Cloneable
 {
   /** Property name of underlying hash algorithm for this generator. */
   public static final String MD_NAME = "gnu.crypto.prng.md.hash.name";
diff --git a/gnu/java/security/prng/RandomEvent.java b/gnu/java/security/prng/RandomEvent.java
index eea21b576..674b52959 100644
--- a/gnu/java/security/prng/RandomEvent.java
+++ b/gnu/java/security/prng/RandomEvent.java
@@ -1,5 +1,5 @@
 /* RandomEvent.java -- an event with random data.
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -63,7 +63,7 @@ public class RandomEvent
     if (data.length == 0 || data.length > 32)
       throw new IllegalArgumentException(
           "random events take between 1 and 32 bytes of data");
-    this.data = (byte[]) data.clone();
+    this.data = data.clone();
   }
 
   public byte getSourceNumber()
diff --git a/gnu/java/security/provider/DefaultPolicy.java b/gnu/java/security/provider/DefaultPolicy.java
index 566c949da..d54b6a5dc 100644
--- a/gnu/java/security/provider/DefaultPolicy.java
+++ b/gnu/java/security/provider/DefaultPolicy.java
@@ -1,5 +1,5 @@
 /* DefaultPolicy.java --
-   Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -54,6 +54,7 @@ public class DefaultPolicy extends Policy
 {
   static Permission allPermission = new AllPermission();
 
+  @Override
   public PermissionCollection getPermissions(CodeSource codesource)
   {
     Permissions perms = new Permissions();
@@ -61,6 +62,7 @@ public class DefaultPolicy extends Policy
     return perms;
   }
 
+  @Override
   public void refresh()
   {
     // Nothing.
diff --git a/gnu/java/security/provider/Gnu.java b/gnu/java/security/provider/Gnu.java
index 1410d9cbf..b1d5c80b2 100644
--- a/gnu/java/security/provider/Gnu.java
+++ b/gnu/java/security/provider/Gnu.java
@@ -57,6 +57,7 @@ public final class Gnu
           + "key pair generator");
     AccessController.doPrivileged (new PrivilegedAction<Void>()
     {
+      @Override
       public Void run()
       {
         // Note that all implementation class names are referenced by using
diff --git a/gnu/java/security/provider/PKIXCertPathValidatorImpl.java b/gnu/java/security/provider/PKIXCertPathValidatorImpl.java
index 7d6169175..e7504b013 100644
--- a/gnu/java/security/provider/PKIXCertPathValidatorImpl.java
+++ b/gnu/java/security/provider/PKIXCertPathValidatorImpl.java
@@ -1,5 +1,6 @@
 /* PKIXCertPathValidatorImpl.java -- PKIX certificate path validator.
-   Copyright (C) 2004, 2005, 2006, 2010, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006, 2010, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -110,6 +111,7 @@ public class PKIXCertPathValidatorImpl
     super();
   }
 
+  @Override
   public CertPathValidatorResult engineValidate(CertPath path,
                                                 CertPathParameters params)
       throws CertPathValidatorException, InvalidAlgorithmParameterException
@@ -144,7 +146,7 @@ public class PKIXCertPathValidatorImpl
     X509Certificate[] p = null;
     try
       {
-        p = (X509Certificate[]) l.toArray(new X509Certificate[l.size()]);
+        p = l.toArray(new X509Certificate[l.size()]);
       }
     catch (ClassCastException cce)
       {
@@ -287,8 +289,7 @@ public class PKIXCertPathValidatorImpl
                   continue;
                 if (xcrl.isRevoked(p[i - 1]))
                   throw new CertPathValidatorException("certificate is revoked");
-                else
-                  certOk = true;
+		certOk = true;
               }
             if (! certOk)
               throw new CertPathValidatorException(
@@ -672,7 +673,7 @@ public class PKIXCertPathValidatorImpl
       throw new CertPathValidatorException("policy tree building failed");
   }
 
-  private boolean checkExplicitPolicy(int depth, List<int[]> explicitPolicies)
+  private static boolean checkExplicitPolicy(int depth, List<int[]> explicitPolicies)
   {
     if (Configuration.DEBUG)
       log.fine("checkExplicitPolicy depth=" + depth);
diff --git a/gnu/java/security/provider/X509CertificateFactory.java b/gnu/java/security/provider/X509CertificateFactory.java
index 4fc13d238..a76913da6 100644
--- a/gnu/java/security/provider/X509CertificateFactory.java
+++ b/gnu/java/security/provider/X509CertificateFactory.java
@@ -1,5 +1,5 @@
 /* X509CertificateFactory.java -- generates X.509 certificates.
-   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -183,7 +183,7 @@ public class X509CertificateFactory
     return X509CertPath.ENCODINGS.iterator();
   }
 
-  private X509Certificate generateCert(InputStream inStream)
+  private static X509Certificate generateCert(InputStream inStream)
       throws IOException, CertificateException
   {
     if (inStream == null)
@@ -235,15 +235,12 @@ public class X509CertificateFactory
           throw new CertificateException("no end-of-certificate marker");
         return ret;
       }
-    else
-      {
-        inStream.reset();
-        return new X509Certificate(inStream);
-      }
+    inStream.reset();
+    return new X509Certificate(inStream);
   }
 
-  private X509CRL generateCRL(InputStream inStream) throws IOException,
-      CRLException
+  private static X509CRL generateCRL(InputStream inStream)
+    throws IOException, CRLException
   {
     if (inStream == null)
       throw new CRLException("missing input stream");
@@ -294,10 +291,7 @@ public class X509CertificateFactory
           throw new CRLException("no end-of-CRL marker");
         return ret;
       }
-    else
-      {
-        inStream.reset();
-        return new X509CRL(inStream);
-      }
+    inStream.reset();
+    return new X509CRL(inStream);
   }
 }
diff --git a/gnu/java/security/sig/SignatureCodecFactory.java b/gnu/java/security/sig/SignatureCodecFactory.java
index 7bf04ff40..59ef812ed 100644
--- a/gnu/java/security/sig/SignatureCodecFactory.java
+++ b/gnu/java/security/sig/SignatureCodecFactory.java
@@ -1,5 +1,5 @@
 /* SignatureCodecFactory.java -- Factory to instantiate Signature codecs
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -145,9 +145,9 @@ public class SignatureCodecFactory
         return getRawCodec(name);
       case Registry.X509_ENCODING_ID:
         return getX509Codec(name);
+      default:
+	return null;
       }
-
-    return null;
   }
 
   /**
diff --git a/gnu/java/security/sig/dss/DSSSignature.java b/gnu/java/security/sig/dss/DSSSignature.java
index 5e098e337..9b65df54e 100644
--- a/gnu/java/security/sig/dss/DSSSignature.java
+++ b/gnu/java/security/sig/dss/DSSSignature.java
@@ -220,7 +220,7 @@ public class DSSSignature
    * @return an object encapsulating the DSS signature pair <code>r</code> and
    *         <code>s</code>.
    */
-  private Object encodeSignature(BigInteger r, BigInteger s)
+  private static Object encodeSignature(BigInteger r, BigInteger s)
   {
     return new BigInteger[] { r, s };
   }
@@ -231,7 +231,7 @@ public class DSSSignature
    *
    * @return the DSS signature pair <code>r</code> and <code>s</code>.
    */
-  private BigInteger[] decodeSignature(Object signature)
+  private static BigInteger[] decodeSignature(Object signature)
   {
     return (BigInteger[]) signature;
   }
diff --git a/gnu/java/security/sig/dss/DSSSignatureRawCodec.java b/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
index 169f84bd1..1c21d5ef6 100644
--- a/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
+++ b/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
@@ -1,5 +1,6 @@
 /* DSSSignatureRawCodec.java --
-   Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -51,6 +52,7 @@ import java.math.BigInteger;
 public class DSSSignatureRawCodec
     implements ISignatureCodec
 {
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -86,6 +88,7 @@ public class DSSSignatureRawCodec
    * @exception IllegalArgumentException if the designated signature is not a
    *              DSS (Digital Signature Standard) one.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     BigInteger r, s;
@@ -126,6 +129,7 @@ public class DSSSignatureRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public Object decodeSignature(byte[] k)
   {
     // magic
diff --git a/gnu/java/security/sig/dss/DSSSignatureX509Codec.java b/gnu/java/security/sig/dss/DSSSignatureX509Codec.java
index f7aeda4f0..6d97ccac5 100644
--- a/gnu/java/security/sig/dss/DSSSignatureX509Codec.java
+++ b/gnu/java/security/sig/dss/DSSSignatureX509Codec.java
@@ -1,5 +1,5 @@
 /* DSSSignatureX509Codec.java -- X.509 encoder/decoder for DSS signatures
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -103,6 +103,7 @@ public class DSSSignatureX509Codec
 {
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return Registry.X509_ENCODING_ID;
@@ -123,6 +124,7 @@ public class DSSSignatureX509Codec
    * @throws InvalidParameterException if an exception occurs during the
    *           marshalling process.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     BigInteger[] rs = (BigInteger[]) signature;
@@ -162,6 +164,7 @@ public class DSSSignatureX509Codec
    * @throw InvalidParameterException if an exception occurs during the
    *        unmarshalling process.
    */
+  @Override
   public Object decodeSignature(byte[] input)
   {
     if (input == null)
diff --git a/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java b/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
index fad0ac552..905413595 100644
--- a/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
+++ b/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
@@ -1,5 +1,6 @@
 /* EMSA_PKCS1_V1_5.java --
-   Copyright (C) 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -171,6 +172,7 @@ public class EMSA_PKCS1_V1_5
     return new EMSA_PKCS1_V1_5(hash);
   }
 
+  @Override
   public Object clone()
   {
     return getInstance(hash.name());
diff --git a/gnu/java/security/sig/rsa/EMSA_PSS.java b/gnu/java/security/sig/rsa/EMSA_PSS.java
index 7a8e591a3..38a0af1ff 100644
--- a/gnu/java/security/sig/rsa/EMSA_PSS.java
+++ b/gnu/java/security/sig/rsa/EMSA_PSS.java
@@ -1,5 +1,6 @@
 /* EMSA_PSS.java --
-   Copyright (C) 2001, 2002, 2003, 2006, 2010 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2010, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -109,6 +110,7 @@ public class EMSA_PSS
     return new EMSA_PSS(hash);
   }
 
+  @Override
   public Object clone()
   {
     return getInstance(hash.name());
diff --git a/gnu/java/security/sig/rsa/RSA.java b/gnu/java/security/sig/rsa/RSA.java
index 343b2cf65..9a99e2404 100644
--- a/gnu/java/security/sig/rsa/RSA.java
+++ b/gnu/java/security/sig/rsa/RSA.java
@@ -242,6 +242,7 @@ public class RSA
     return result;
   }
 
+  @SuppressWarnings("null") // r != null if rsaBlinding = true
   private static final BigInteger RSADP(final RSAPrivateKey K, BigInteger c)
   {
     // 1. If the representative c is not between 0 and n - 1, output
diff --git a/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java b/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
index 1420331de..9e350b50e 100644
--- a/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
+++ b/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
@@ -1,5 +1,5 @@
 /* RSAPKCS1V1_5Signature.java --
-   Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -111,11 +111,13 @@ public class RSAPKCS1V1_5Signature
     this.pkcs1 = (EMSA_PKCS1_V1_5) that.pkcs1.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new RSAPKCS1V1_5Signature(this);
   }
 
+  @Override
   protected void setupForVerification(final PublicKey k)
       throws IllegalArgumentException
   {
@@ -125,6 +127,7 @@ public class RSAPKCS1V1_5Signature
     publicKey = k;
   }
 
+  @Override
   protected void setupForSigning(final PrivateKey k)
       throws IllegalArgumentException
   {
@@ -134,6 +137,7 @@ public class RSAPKCS1V1_5Signature
     privateKey = k;
   }
 
+  @Override
   protected Object generateSignature() throws IllegalStateException
   {
     // 1. EMSA-PKCS1-v1_5 encoding: Apply the EMSA-PKCS1-v1_5 encoding
@@ -163,6 +167,7 @@ public class RSAPKCS1V1_5Signature
     return RSA.I2OSP(s, k);
   }
 
+  @Override
   protected boolean verifySignature(final Object sig)
       throws IllegalStateException
   {
diff --git a/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java b/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java
index 548dc3deb..f1e09718a 100644
--- a/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java
+++ b/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java
@@ -1,5 +1,5 @@
 /* RSAPKCS1V1_5SignatureRawCodec.java -- Raw RSA PKCS1 v1.5 signature codeec
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -50,6 +50,7 @@ import gnu.java.security.sig.ISignatureCodec;
 public class RSAPKCS1V1_5SignatureRawCodec
     implements ISignatureCodec
 {
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -79,6 +80,7 @@ public class RSAPKCS1V1_5SignatureRawCodec
    * @exception IllegalArgumentException if the designated signature is not an
    *              RSA-PKCS#1 (v1.5) one.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     byte[] buffer;
@@ -124,6 +126,7 @@ public class RSAPKCS1V1_5SignatureRawCodec
    *           with the right <i>magic</i> characters, or if the <i>version</i>
    *           is not supported.
    */
+  @Override
   public Object decodeSignature(byte[] input)
   {
     // magic
diff --git a/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java b/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java
index ee8586f7d..c6fd5d340 100644
--- a/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java
+++ b/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java
@@ -1,5 +1,5 @@
 /* RSAPSSSignatureX509Codec.java -- X.509 encoder/decoder for RSA signatures
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -87,6 +87,7 @@ public class RSAPKCS1V1_5SignatureX509Codec
 {
   // default 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return Registry.X509_ENCODING_ID;
@@ -103,6 +104,7 @@ public class RSAPKCS1V1_5SignatureX509Codec
    * @return the raw bytes of an RSA signature which could be then used as the
    *         contents of a BIT STRING as per rfc-2459.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     byte[] result = (byte[]) signature;
@@ -118,6 +120,7 @@ public class RSAPKCS1V1_5SignatureX509Codec
    *         case of RSA PKCS1 (v1.5) this is the same as the input.
    * @throw InvalidParameterException if the <code>input</code> array is null.
    */
+  @Override
   public Object decodeSignature(byte[] input)
   {
     if (input == null)
diff --git a/gnu/java/security/sig/rsa/RSAPSSSignature.java b/gnu/java/security/sig/rsa/RSAPSSSignature.java
index 7b042f77f..f9aaade48 100644
--- a/gnu/java/security/sig/rsa/RSAPSSSignature.java
+++ b/gnu/java/security/sig/rsa/RSAPSSSignature.java
@@ -1,5 +1,6 @@
 /* RSAPSSSignature.java --
-   Copyright (C) 2001, 2002, 2003, 2006, 2010 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2010, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -136,28 +137,32 @@ public class RSAPSSSignature
     this.pss = (EMSA_PSS) that.pss.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new RSAPSSSignature(this);
   }
 
+  @Override
   protected void setupForVerification(PublicKey k)
       throws IllegalArgumentException
   {
     if (! (k instanceof RSAPublicKey))
       throw new IllegalArgumentException();
 
-    publicKey = (RSAPublicKey) k;
+    publicKey = k;
   }
 
+  @Override
   protected void setupForSigning(PrivateKey k) throws IllegalArgumentException
   {
     if (! (k instanceof RSAPrivateKey))
       throw new IllegalArgumentException();
 
-    privateKey = (RSAPrivateKey) k;
+    privateKey = k;
   }
 
+  @Override
   protected Object generateSignature() throws IllegalStateException
   {
     // 1. Apply the EMSA-PSS encoding operation to the message M to produce an
@@ -189,6 +194,7 @@ public class RSAPSSSignature
     return RSA.I2OSP(s, k);
   }
 
+  @Override
   protected boolean verifySignature(Object sig) throws IllegalStateException
   {
     if (publicKey == null)
diff --git a/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java b/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
index b147ea3ea..7b1166291 100644
--- a/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
+++ b/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
@@ -1,5 +1,5 @@
 /* RSAPSSSignatureRawCodec.java --
-   Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -52,6 +52,7 @@ public class RSAPSSSignatureRawCodec
 {
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -80,6 +81,7 @@ public class RSAPSSSignatureRawCodec
    * @exception IllegalArgumentException if the designated signature is not an
    *              RSA-PSS one.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     byte[] buffer;
@@ -109,6 +111,7 @@ public class RSAPSSSignatureRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public Object decodeSignature(byte[] k)
   {
     // magic
diff --git a/gnu/java/security/util/ByteArray.java b/gnu/java/security/util/ByteArray.java
index a9b9e5d00..c7f8dce11 100644
--- a/gnu/java/security/util/ByteArray.java
+++ b/gnu/java/security/util/ByteArray.java
@@ -1,5 +1,5 @@
 /* ByteArray.java -- wrapper around a byte array, with nice toString output.
-   Copyright (C) 2005  Free Software Foundation, Inc.
+   Copyright (C) 2005, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -57,6 +57,7 @@ public final class ByteArray
     return value;
   }
 
+  @Override
   public String toString ()
   {
     StringWriter str = new StringWriter ();
diff --git a/gnu/java/security/util/ByteBufferOutputStream.java b/gnu/java/security/util/ByteBufferOutputStream.java
index 642ccdf68..70dc909c7 100644
--- a/gnu/java/security/util/ByteBufferOutputStream.java
+++ b/gnu/java/security/util/ByteBufferOutputStream.java
@@ -1,6 +1,6 @@
 /* ByteBufferOutputStream.java -- output stream with a growable underlying
                                   byte buffer.
-   Copyright (C) 2006  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -98,6 +98,7 @@ public class ByteBufferOutputStream extends OutputStream
     return ((ByteBuffer) buffer.duplicate().flip()).slice();
   }
 
+  @Override
   public String toString()
   {
     return super.toString() + " [ buffer: " + buffer + " ]";
diff --git a/gnu/java/security/util/ExpirableObject.java b/gnu/java/security/util/ExpirableObject.java
index e24af249a..c2551c70b 100644
--- a/gnu/java/security/util/ExpirableObject.java
+++ b/gnu/java/security/util/ExpirableObject.java
@@ -1,5 +1,5 @@
 /* ExpirableObject.java -- an object that is automatically destroyed.
-   Copyright (C) 2004, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -107,6 +107,7 @@ public abstract class ExpirableObject
    *
    * @throws DestroyFailedException If this operation fails.
    */
+  @Override
   public final void destroy() throws DestroyFailedException
   {
     doDestroy();
@@ -135,6 +136,7 @@ public abstract class ExpirableObject
       this.target = target;
     }
 
+    @Override
     public void run()
     {
       try
diff --git a/gnu/java/security/util/FormatUtil.java b/gnu/java/security/util/FormatUtil.java
index 35da322b8..e9bb253f8 100644
--- a/gnu/java/security/util/FormatUtil.java
+++ b/gnu/java/security/util/FormatUtil.java
@@ -1,5 +1,5 @@
 /* FormatUtil.java -- Encoding and decoding format utility methods
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -60,7 +60,7 @@ public class FormatUtil
    */
   public static final String getEncodingName(int formatID)
   {
-    String result = null;
+    String result;
     switch (formatID)
       {
       case Registry.RAW_ENCODING_ID:
@@ -75,6 +75,8 @@ public class FormatUtil
       case Registry.ASN1_ENCODING_ID:
         result = Registry.ASN1_ENCODING;
         break;
+      default:
+	result = null;
       }
 
     return result;
@@ -90,7 +92,7 @@ public class FormatUtil
    */
   public static final String getEncodingShortName(int formatID)
   {
-    String result = null;
+    String result;
     switch (formatID)
       {
       case Registry.RAW_ENCODING_ID:
@@ -105,6 +107,8 @@ public class FormatUtil
       case Registry.ASN1_ENCODING_ID:
         result = Registry.ASN1_ENCODING_SHORT_NAME;
         break;
+      default:
+	result = null;
       }
 
     return result;
diff --git a/gnu/java/security/util/Sequence.java b/gnu/java/security/util/Sequence.java
index 8069ce891..ac9427137 100644
--- a/gnu/java/security/util/Sequence.java
+++ b/gnu/java/security/util/Sequence.java
@@ -1,5 +1,5 @@
 /* Sequence.java -- a sequence of integers.
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -122,13 +122,15 @@ public final class Sequence
     return sequence[index];
   }
 
+  @Override
   public int size()
   {
     return sequence.length;
   }
 
+  @Override
   public Object[] toArray()
   {
-    return (Object[]) sequence.clone();
+    return sequence.clone();
   }
 }
diff --git a/gnu/java/security/util/SimpleList.java b/gnu/java/security/util/SimpleList.java
index 2d3bd3525..cf0d64b3c 100644
--- a/gnu/java/security/util/SimpleList.java
+++ b/gnu/java/security/util/SimpleList.java
@@ -1,5 +1,5 @@
 /* SimpleList.java -- simple way to make tuples.
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -131,6 +131,7 @@ public final class SimpleList
       elements[i++] = o;
   }
 
+  @Override
   public int size()
   {
     if (elements == null)
@@ -138,6 +139,7 @@ public final class SimpleList
     return elements.length;
   }
 
+  @Override
   public Object get(int index)
   {
     if (elements == null)
@@ -147,6 +149,7 @@ public final class SimpleList
     return elements[index];
   }
 
+  @Override
   public String toString()
   {
     return SimpleList.class.getName() + "(" + size() + ") " + super.toString();
diff --git a/gnu/java/security/util/Util.java b/gnu/java/security/util/Util.java
index ef3d480a0..5bbb7264b 100644
--- a/gnu/java/security/util/Util.java
+++ b/gnu/java/security/util/Util.java
@@ -1,5 +1,5 @@
 /* Util.java -- various utility routines.
-   Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -467,6 +467,7 @@ public class Util
         b1 = buffer[0];
         b2 = buffer[1];
         break;
+      default: // do nothing
       }
     CPStringBuilder sb = new CPStringBuilder();
     int c;
@@ -499,19 +500,16 @@ public class Util
           }
         if (pos >= len)
           break;
-        else
-          {
-            try
-              {
-                b0 = buffer[pos++];
-                b1 = buffer[pos++];
-                b2 = buffer[pos++];
-              }
-            catch (ArrayIndexOutOfBoundsException x)
-              {
-                break;
-              }
-          }
+	try
+	  {
+	    b0 = buffer[pos++];
+	    b1 = buffer[pos++];
+	    b2 = buffer[pos++];
+	  }
+	catch (ArrayIndexOutOfBoundsException x)
+	  {
+	    break;
+	  }
       }
     while (true);
 
diff --git a/gnu/java/security/x509/PolicyNodeImpl.java b/gnu/java/security/x509/PolicyNodeImpl.java
index 65dd472c7..c5c74cd14 100644
--- a/gnu/java/security/x509/PolicyNodeImpl.java
+++ b/gnu/java/security/x509/PolicyNodeImpl.java
@@ -1,5 +1,5 @@
 /* PolicyNodeImpl.java -- An implementation of a policy tree node.
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -116,11 +116,11 @@ public final class PolicyNodeImpl implements PolicyNode
     expectedPolicies.addAll(policies);
   }
 
-  public void addExpectedPolicy(String policy)
+  public void addExpectedPolicy(String expectedPolicy)
   {
     if (readOnly)
       throw new IllegalStateException("read only");
-    expectedPolicies.add(policy);
+    expectedPolicies.add(expectedPolicy);
   }
 
   @Override
@@ -135,14 +135,18 @@ public final class PolicyNodeImpl implements PolicyNode
     return parent;
   }
 
-  public void addAllPolicyQualifiers (Collection<? extends PolicyQualifierInfo> qualifiers)
+  public void addAllPolicyQualifiers (Collection<? extends PolicyQualifierInfo> policyQualifiers)
   {
-    for (Iterator<? extends PolicyQualifierInfo> it = qualifiers.iterator(); it.hasNext(); )
+    try
       {
-        if (!(it.next() instanceof PolicyQualifierInfo))
-          throw new IllegalArgumentException ("can only add PolicyQualifierInfos");
+	for (Iterator<? extends PolicyQualifierInfo> it = policyQualifiers.iterator(); it.hasNext();) { it.next(); }
       }
-    this.qualifiers.addAll (qualifiers);
+    catch (ClassCastException ex)
+      {
+	throw new IllegalArgumentException ("can only add PolicyQualifierInfos",
+					    ex);
+      }
+    qualifiers.addAll (policyQualifiers);
   }
 
   public void addPolicyQualifier (PolicyQualifierInfo qualifier)
@@ -192,7 +196,8 @@ public final class PolicyNodeImpl implements PolicyNode
     for (Iterator<? extends PolicyNode> it = getChildren(); it.hasNext(); )
       ((PolicyNodeImpl) it.next()).setReadOnly();
   }
-
+  
+  @Override
   public String toString()
   {
     CPStringBuilder buf = new CPStringBuilder();
diff --git a/gnu/java/security/x509/X500DistinguishedName.java b/gnu/java/security/x509/X500DistinguishedName.java
index ab7f99aa9..7c028444c 100644
--- a/gnu/java/security/x509/X500DistinguishedName.java
+++ b/gnu/java/security/x509/X500DistinguishedName.java
@@ -1,5 +1,5 @@
 /* X500DistinguishedName.java -- X.500 distinguished name.
-   Copyright (C) 2004, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -99,17 +99,10 @@ public class X500DistinguishedName implements Principal
     components.add(currentRdn);
   }
 
-  public X500DistinguishedName(String name)
+  public X500DistinguishedName(String name) throws IOException
   {
     this();
-    try
-      {
-        parseString(name);
-      }
-    catch (IOException ioe)
-      {
-        throw new IllegalArgumentException(ioe.toString());
-      }
+    parseString(name);
   }
 
   public X500DistinguishedName(byte[] encoded) throws IOException
@@ -127,6 +120,7 @@ public class X500DistinguishedName implements Principal
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public String getName()
   {
     return toString();
@@ -246,6 +240,7 @@ public class X500DistinguishedName implements Principal
     currentRdn = Collections.emptyMap();
   }
 
+  @Override
   public int hashCode()
   {
     int sum = 0;
@@ -261,6 +256,7 @@ public class X500DistinguishedName implements Principal
     return sum;
   }
 
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof X500DistinguishedName))
@@ -282,6 +278,7 @@ public class X500DistinguishedName implements Principal
     return true;
   }
 
+  @Override
   public String toString()
   {
     if (fixed && stringRep != null)
@@ -332,7 +329,7 @@ public class X500DistinguishedName implements Principal
   public byte[] getDer()
   {
     if (fixed && encoded != null)
-      return (byte[]) encoded.clone();
+      return encoded.clone();
 
     ArrayList<DERValue> name = new ArrayList<DERValue>(components.size());
     for (Map<OID,String> m : components)
@@ -351,7 +348,7 @@ public class X500DistinguishedName implements Principal
         name.add(new DERValue(DER.SET|DER.CONSTRUCTED, rdn));
       }
     DERValue val = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, name);
-    return (byte[]) (encoded = val.getEncoded()).clone();
+    return (encoded = val.getEncoded()).clone();
   }
 
   // Own methods.
@@ -375,7 +372,7 @@ public class X500DistinguishedName implements Principal
     setUnmodifiable();
   }
 
-  private String readAttributeType(Reader in) throws IOException
+  private static String readAttributeType(Reader in) throws IOException
   {
     CPStringBuilder buf = new CPStringBuilder();
     int ch;
diff --git a/gnu/java/security/x509/X509CRL.java b/gnu/java/security/x509/X509CRL.java
index 9e1ed0f5c..b95c411ac 100644
--- a/gnu/java/security/x509/X509CRL.java
+++ b/gnu/java/security/x509/X509CRL.java
@@ -136,6 +136,7 @@ public class X509CRL extends java.security.cert.X509CRL
   // X509CRL methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof X509CRL))
@@ -143,6 +144,7 @@ public class X509CRL extends java.security.cert.X509CRL
     return ((X509CRL) o).getRevokedCertificates().equals(revokedCerts.values());
   }
 
+  @Override
   public int hashCode()
   {
     return revokedCerts.hashCode();
@@ -151,7 +153,7 @@ public class X509CRL extends java.security.cert.X509CRL
   @Override
   public byte[] getEncoded() throws CRLException
   {
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
   @Override
@@ -184,6 +186,7 @@ public class X509CRL extends java.security.cert.X509CRL
     return issuerDN;
   }
 
+  @Override
   public X500Principal getIssuerX500Principal()
   {
     return new X500Principal(issuerDN.getDer());
@@ -218,13 +221,13 @@ public class X509CRL extends java.security.cert.X509CRL
   @Override
   public byte[] getTBSCertList() throws CRLException
   {
-    return (byte[]) tbsCRLBytes.clone();
+    return tbsCRLBytes.clone();
   }
 
   @Override
   public byte[] getSignature()
   {
-    return (byte[]) rawSig.clone();
+    return rawSig.clone();
   }
 
   @Override
@@ -251,13 +254,14 @@ public class X509CRL extends java.security.cert.X509CRL
   public byte[] getSigAlgParams()
   {
     if (sigAlgParams != null)
-      return (byte[]) sigAlgParams.clone();
+      return sigAlgParams.clone();
     return null;
   }
 
   // X509Extension methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public boolean hasUnsupportedCriticalExtension()
   {
     for (Extension e : extensions.values())
@@ -267,7 +271,8 @@ public class X509CRL extends java.security.cert.X509CRL
       }
     return false;
   }
-
+  
+  @Override
   public Set<String> getCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -279,6 +284,7 @@ public class X509CRL extends java.security.cert.X509CRL
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public Set<String> getNonCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -290,6 +296,7 @@ public class X509CRL extends java.security.cert.X509CRL
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public byte[] getExtensionValue(String oid)
   {
     Extension e = getExtension(new OID(oid));
@@ -324,13 +331,14 @@ public class X509CRL extends java.security.cert.X509CRL
     return X509CRL.class.getName();
   }
 
+  @Override
   public boolean isRevoked(Certificate cert)
   {
     if (!(cert instanceof java.security.cert.X509Certificate))
       throw new IllegalArgumentException("not a X.509 certificate");
     BigInteger certSerial =
       ((java.security.cert.X509Certificate) cert).getSerialNumber();
-    X509CRLEntry ent = (X509CRLEntry) revokedCerts.get(certSerial);
+    X509CRLEntry ent = revokedCerts.get(certSerial);
     if (ent == null)
       return false;
     return ent.getRevocationDate().compareTo(new Date()) < 0;
@@ -485,7 +493,7 @@ public class X509CRL extends java.security.cert.X509CRL
         if (Configuration.DEBUG)
           log.fine("sig params tag = " + val.getTag() + " len == "
                    + val.getEncodedLength());
-        sigAlgParams = (byte[]) val.getEncoded();
+        sigAlgParams = val.getEncoded();
         if (val.isConstructed())
           in.skip(val.getLength());
       }
diff --git a/gnu/java/security/x509/X509CRLEntry.java b/gnu/java/security/x509/X509CRLEntry.java
index b54f8eae6..d0c8da1d4 100644
--- a/gnu/java/security/x509/X509CRLEntry.java
+++ b/gnu/java/security/x509/X509CRLEntry.java
@@ -131,7 +131,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
   @Override
   public byte[] getEncoded() throws CRLException
   {
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
   @Override
@@ -162,6 +162,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
   // X509Extension methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public boolean hasUnsupportedCriticalExtension()
   {
     for (Extension e : extensions.values())
@@ -172,6 +173,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
     return false;
   }
 
+  @Override
   public Set<String> getCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -183,6 +185,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public Set<String> getNonCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -194,6 +197,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public byte[] getExtensionValue(String oid)
   {
     Extension e = getExtension(new OID(oid));
diff --git a/gnu/java/security/x509/X509CRLSelectorImpl.java b/gnu/java/security/x509/X509CRLSelectorImpl.java
index c8f25d58d..9112aabf1 100644
--- a/gnu/java/security/x509/X509CRLSelectorImpl.java
+++ b/gnu/java/security/x509/X509CRLSelectorImpl.java
@@ -1,5 +1,5 @@
 /* X509CRLSelectorImpl.java -- implementation of an X509CRLSelector.
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -80,7 +80,7 @@ public class X509CRLSelectorImpl implements CRLSelector
     issuerNames.add(new X500DistinguishedName(issuerName));
   }
 
-  public void addIssuerName(String issuerName)
+  public void addIssuerName(String issuerName) throws IOException
   {
     issuerNames.add(new X500DistinguishedName(issuerName));
   }
diff --git a/gnu/java/security/x509/X509CertPath.java b/gnu/java/security/x509/X509CertPath.java
index d2e12d269..d1be2ee27 100644
--- a/gnu/java/security/x509/X509CertPath.java
+++ b/gnu/java/security/x509/X509CertPath.java
@@ -1,5 +1,5 @@
 /* X509CertPath.java -- an X.509 certificate path.
-   Copyright (C) 2004, 2014  Free Software Fonudation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Fonudation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -117,16 +117,19 @@ public class X509CertPath extends CertPath
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public List<Certificate> getCertificates()
   {
     return path; // already unmodifiable
   }
 
+  @Override
   public byte[] getEncoded() throws CertificateEncodingException
   {
     return getEncoded(ENCODINGS.get(0));
   }
 
+  @Override
   public byte[] getEncoded(String encoding) throws CertificateEncodingException
   {
     if (encoding.equalsIgnoreCase("PkiPath"))
@@ -142,7 +145,7 @@ public class X509CertPath extends CertPath
                 throw new CertificateEncodingException();
               }
           }
-        return (byte[]) pkiEncoded.clone();
+        return pkiEncoded.clone();
       }
     else if (encoding.equalsIgnoreCase("PKCS7"))
       {
@@ -157,12 +160,13 @@ public class X509CertPath extends CertPath
                 throw new CertificateEncodingException();
               }
           }
-        return (byte[]) pkcsEncoded.clone();
+        return pkcsEncoded.clone();
       }
     else
       throw new CertificateEncodingException("unknown encoding: " + encoding);
   }
 
+  @Override
   public Iterator<String> getEncodings()
   {
     return ENCODINGS.iterator(); // already unmodifiable
@@ -175,12 +179,12 @@ public class X509CertPath extends CertPath
     throws CertificateEncodingException, IOException
   {
     DERReader der = new DERReader(in);
-    DERValue path = null;
+    DERValue parsedPath = null;
     if (encoding.equalsIgnoreCase("PkiPath"))
       {
         // PKI encoding is just a SEQUENCE of X.509 certificates.
-        path = der.read();
-        if (!path.isConstructed())
+        parsedPath = der.read();
+        if (!parsedPath.isConstructed())
           throw new DEREncodingException("malformed PkiPath");
       }
     else if (encoding.equalsIgnoreCase("PKCS7"))
@@ -226,8 +230,8 @@ public class X509CertPath extends CertPath
         if (!value.isConstructed())
           throw new DEREncodingException("malformed ContentInfo");
         der.skip(value.getLength());
-        path = der.read();
-        if (!path.isConstructed() || path.getTag() != 0)
+        parsedPath = der.read();
+        if (!parsedPath.isConstructed() || parsedPath.getTag() != 0)
           throw new DEREncodingException("no certificates");
       }
     else
@@ -235,7 +239,7 @@ public class X509CertPath extends CertPath
 
     LinkedList<Certificate> certs = new LinkedList<Certificate>();
     int len = 0;
-    while (len < path.getLength())
+    while (len < parsedPath.getLength())
       {
         DERValue cert = der.read();
         try
@@ -250,7 +254,7 @@ public class X509CertPath extends CertPath
         der.skip(cert.getLength());
       }
 
-    this.path = Collections.unmodifiableList(certs);
+    path = Collections.unmodifiableList(certs);
   }
 
   private byte[] encodePki()
diff --git a/gnu/java/security/x509/X509CertSelectorImpl.java b/gnu/java/security/x509/X509CertSelectorImpl.java
index e7c7ff81b..7e778dda2 100644
--- a/gnu/java/security/x509/X509CertSelectorImpl.java
+++ b/gnu/java/security/x509/X509CertSelectorImpl.java
@@ -1,5 +1,5 @@
 /* X509CertSelectorImpl.java -- implementation of an X509CertSelector.
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -81,7 +81,7 @@ public class X509CertSelectorImpl implements CertSelector
     issuerNames.add(new X500DistinguishedName(issuerName));
   }
 
-  public void addIssuerName(String issuerName)
+  public void addIssuerName(String issuerName) throws IOException
   {
     issuerNames.add(new X500DistinguishedName(issuerName));
   }
diff --git a/gnu/java/security/x509/X509Certificate.java b/gnu/java/security/x509/X509Certificate.java
index c7856bd0c..22e213d17 100644
--- a/gnu/java/security/x509/X509Certificate.java
+++ b/gnu/java/security/x509/X509Certificate.java
@@ -1,5 +1,5 @@
 /* X509Certificate.java -- X.509 certificate.
-   Copyright (C) 2003, 2004, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -56,7 +56,6 @@ import gnu.java.security.x509.ext.SubjectAlternativeNames;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.PrintWriter;
-import java.io.Serializable;
 import java.io.StringWriter;
 import java.math.BigInteger;
 import java.security.AlgorithmParameters;
@@ -97,7 +96,7 @@ import javax.security.auth.x500.X500Principal;
  * @author Casey Marshall (rsdio@metastatic.org)
  */
 public class X509Certificate extends java.security.cert.X509Certificate
-  implements Serializable, GnuPKIExtension
+  implements GnuPKIExtension
 {
 
   // Constants and fields.
@@ -185,12 +184,14 @@ public class X509Certificate extends java.security.cert.X509Certificate
   // X509Certificate methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public void checkValidity()
     throws CertificateExpiredException, CertificateNotYetValidException
   {
     checkValidity(new Date());
   }
 
+  @Override
   public void checkValidity(Date date)
     throws CertificateExpiredException, CertificateNotYetValidException
   {
@@ -203,57 +204,68 @@ public class X509Certificate extends java.security.cert.X509Certificate
         throw new CertificateExpiredException();
       }
   }
-
+ 
+  @Override
   public int getVersion()
   {
     return version;
   }
 
+  @Override
   public BigInteger getSerialNumber()
   {
     return serialNo;
   }
 
+  @Override
   public Principal getIssuerDN()
   {
     return issuer;
   }
 
+  @Override
   public X500Principal getIssuerX500Principal()
   {
     return new X500Principal(issuer.getDer());
   }
 
+  @Override
   public Principal getSubjectDN()
   {
     return subject;
   }
 
+  @Override
   public X500Principal getSubjectX500Principal()
   {
     return new X500Principal(subject.getDer());
   }
 
+  @Override
   public Date getNotBefore()
   {
     return (Date) notBefore.clone();
   }
 
+  @Override
   public Date getNotAfter()
   {
     return (Date) notAfter.clone();
   }
 
+  @Override
   public byte[] getTBSCertificate() throws CertificateEncodingException
   {
-    return (byte[]) tbsCertBytes.clone();
+    return tbsCertBytes.clone();
   }
 
+  @Override
   public byte[] getSignature()
   {
-    return (byte[]) signature.clone();
+    return signature.clone();
   }
 
+  @Override
   public String getSigAlgName()
   {
     if (sigAlgId.equals(ID_DSA_WITH_SHA1))
@@ -275,16 +287,19 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return "unknown";
   }
 
+  @Override
   public String getSigAlgOID()
   {
     return sigAlgId.toString();
   }
 
+  @Override
   public byte[] getSigAlgParams()
   {
-    return (byte[]) sigAlgVal.clone();
+    return sigAlgVal.clone();
   }
 
+  @Override
   public boolean[] getIssuerUniqueID()
   {
     if (issuerUniqueId != null)
@@ -294,6 +309,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public boolean[] getSubjectUniqueID()
   {
     if (subjectUniqueId != null)
@@ -303,6 +319,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public boolean[] getKeyUsage()
   {
     Extension e = getExtension(KeyUsage.ID);
@@ -317,6 +334,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public List<String> getExtendedKeyUsage() throws CertificateParsingException
   {
     Extension e = getExtension(ExtendedKeyUsage.ID);
@@ -331,6 +349,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public int getBasicConstraints()
   {
     Extension e = getExtension(BasicConstraints.ID);
@@ -341,6 +360,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return -1;
   }
 
+  @Override
   public Collection<List<?>> getSubjectAlternativeNames()
     throws CertificateParsingException
   {
@@ -353,7 +373,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
         for (GeneralName name : names)
           {
             List<Object> n = new ArrayList<Object>(2);
-            n.add(name.kind().tag());
+            n.add(Integer.valueOf(name.kind().tag()));
             n.add(name.name());
             list.add(n);
           }
@@ -362,6 +382,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public Collection<List<?>> getIssuerAlternativeNames()
     throws CertificateParsingException
   {
@@ -374,7 +395,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
         for (GeneralName name : names)
           {
             List<Object> n = new ArrayList<Object>(2);
-            n.add(name.kind().tag());
+            n.add(Integer.valueOf(name.kind().tag()));
             n.add(name.name());
             list.add(n);
           }
@@ -385,7 +406,8 @@ public class X509Certificate extends java.security.cert.X509Certificate
 
 // X509Extension methods.
   // ------------------------------------------------------------------------
-
+  
+  @Override
   public boolean hasUnsupportedCriticalExtension()
   {
     for (Extension e : extensions.values())
@@ -396,6 +418,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return false;
   }
 
+  @Override
   public Set<String> getCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -407,6 +430,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public Set<String> getNonCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -418,6 +442,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public byte[] getExtensionValue(String oid)
   {
     Extension e = getExtension(new OID(oid));
@@ -446,11 +471,13 @@ public class X509Certificate extends java.security.cert.X509Certificate
   // Certificate methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public byte[] getEncoded() throws CertificateEncodingException
   {
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public void verify(PublicKey key)
     throws CertificateException, NoSuchAlgorithmException,
            InvalidKeyException, NoSuchProviderException, SignatureException
@@ -459,6 +486,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     doVerify(sig, key);
   }
 
+  @Override
   public void verify(PublicKey key, String provider)
     throws CertificateException, NoSuchAlgorithmException,
            InvalidKeyException, NoSuchProviderException, SignatureException
@@ -467,6 +495,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     doVerify(sig, key);
   }
 
+  @Override
   public String toString()
   {
     StringWriter str = new StringWriter();
@@ -515,6 +544,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return str.toString();
   }
 
+  @Override
   public PublicKey getPublicKey()
   {
     return subjectKey;
@@ -562,11 +592,11 @@ public class X509Certificate extends java.security.cert.X509Certificate
   /**
    * Parse a DER stream into an X.509 certificate.
    *
-   * @param encoded The encoded bytes.
+   * @param enc The encoded bytes.
    */
-  private void parse(InputStream encoded) throws Exception
+  private void parse(InputStream enc) throws Exception
   {
-    DERReader der = new DERReader(encoded);
+    DERReader der = new DERReader(enc);
 
     // Certificate ::= SEQUENCE {
     DERValue cert = der.read();
@@ -635,7 +665,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
             algVal = val.getEncoded();
 
             if (val.isConstructed())
-              encoded.skip(val.getLength());
+              enc.skip(val.getLength());
           }
         logger.log (Component.X509, "read algorithm parameters == {0}", algVal);
       }
@@ -744,11 +774,11 @@ public class X509Certificate extends java.security.cert.X509Certificate
           }
         else
           {
-            sigAlgVal = (byte[]) val.getEncoded();
+            sigAlgVal = val.getEncoded();
           }
         if (val.isConstructed())
           {
-            encoded.skip(val.getLength());
+            enc.skip(val.getLength());
           }
         logger.log (Component.X509, "read parameters == {0}", sigAlgVal);
       }
diff --git a/gnu/java/security/x509/ext/AuthorityKeyIdentifier.java b/gnu/java/security/x509/ext/AuthorityKeyIdentifier.java
index a94b76f09..de280b0e3 100644
--- a/gnu/java/security/x509/ext/AuthorityKeyIdentifier.java
+++ b/gnu/java/security/x509/ext/AuthorityKeyIdentifier.java
@@ -1,5 +1,5 @@
 /* AuthorityKeyIdentifier.java -- Authority key identifier extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -123,6 +123,7 @@ public class AuthorityKeyIdentifier extends Extension.Value
     return authorityCertSerialNumber;
   }
 
+  @Override
   public String toString()
   {
     return AuthorityKeyIdentifier.class.getName() + " [ keyId=" +
diff --git a/gnu/java/security/x509/ext/BasicConstraints.java b/gnu/java/security/x509/ext/BasicConstraints.java
index 52d9f39cd..e4f031abc 100644
--- a/gnu/java/security/x509/ext/BasicConstraints.java
+++ b/gnu/java/security/x509/ext/BasicConstraints.java
@@ -1,5 +1,5 @@
 /* BasicConstraints.java -- the basic constraints extension.
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -107,6 +107,7 @@ public class BasicConstraints extends Extension.Value
     return pathLenConstraint;
   }
 
+  @Override
   public byte[] getEncoded()
   {
     if (encoded == null)
@@ -115,12 +116,13 @@ public class BasicConstraints extends Extension.Value
         bc.add (new DERValue (DER.BOOLEAN, Boolean.valueOf (ca)));
         if (pathLenConstraint >= 0)
           bc.add (new DERValue (DER.INTEGER,
-                                BigInteger.valueOf ((long) pathLenConstraint)));
+                                BigInteger.valueOf (pathLenConstraint)));
         encoded = new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, bc).getEncoded();
       }
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String toString()
   {
     return BasicConstraints.class.getName() + " [ isCA=" + ca +
diff --git a/gnu/java/security/x509/ext/CRLNumber.java b/gnu/java/security/x509/ext/CRLNumber.java
index 36b1c7b5f..42c3cc7fc 100644
--- a/gnu/java/security/x509/ext/CRLNumber.java
+++ b/gnu/java/security/x509/ext/CRLNumber.java
@@ -1,5 +1,5 @@
 /* CRLNumber.java -- CRL number extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -81,15 +81,17 @@ public class CRLNumber extends Extension.Value
     return number;
   }
 
+  @Override
   public byte[] getEncoded()
   {
     if (encoded == null)
       {
         encoded = new DERValue (DER.INTEGER, number).getEncoded();
       }
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String toString()
   {
     return CRLNumber.class.getName() + " [ " + number + " ]";
diff --git a/gnu/java/security/x509/ext/CertificatePolicies.java b/gnu/java/security/x509/ext/CertificatePolicies.java
index 9b36485b2..64879f933 100644
--- a/gnu/java/security/x509/ext/CertificatePolicies.java
+++ b/gnu/java/security/x509/ext/CertificatePolicies.java
@@ -1,5 +1,5 @@
 /* CertificatePolicies.java -- certificate policy extension.
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -146,8 +146,8 @@ public class CertificatePolicies extends Extension.Value
 	  }
 	try
 	  {
-	    for (Iterator<PolicyQualifierInfo> i = e.getValue().iterator();
-		 i.hasNext(); i.next());
+	    Iterator<PolicyQualifierInfo> i = e.getValue().iterator();
+	    while (i.hasNext()) { i.next(); }
 	  }
 	catch (ClassCastException cce)
 	  {
@@ -188,6 +188,7 @@ public class CertificatePolicies extends Extension.Value
     return policyQualifierInfos.get(oid);
   }
 
+  @Override
   public byte[] getEncoded()
   {
     if (encoded == null)
@@ -219,9 +220,10 @@ public class CertificatePolicies extends Extension.Value
           }
         encoded = new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, pol).getEncoded();
       }
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String toString()
   {
     return CertificatePolicies.class.getName() + " [ policies=" + policies +
diff --git a/gnu/java/security/x509/ext/ExtendedKeyUsage.java b/gnu/java/security/x509/ext/ExtendedKeyUsage.java
index 428013d04..d6e08167b 100644
--- a/gnu/java/security/x509/ext/ExtendedKeyUsage.java
+++ b/gnu/java/security/x509/ext/ExtendedKeyUsage.java
@@ -1,5 +1,5 @@
 /* ExtendedKeyUsage.java -- the extended key usage extension.
-   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -88,6 +88,7 @@ public class ExtendedKeyUsage extends Extension.Value
     return Collections.unmodifiableList(purposeIds);
   }
 
+  @Override
   public String toString()
   {
     return ExtendedKeyUsage.class.getName() + " [ " + purposeIds + " ]";
diff --git a/gnu/java/security/x509/ext/Extension.java b/gnu/java/security/x509/ext/Extension.java
index b740c8ac4..c16c9303c 100644
--- a/gnu/java/security/x509/ext/Extension.java
+++ b/gnu/java/security/x509/ext/Extension.java
@@ -1,5 +1,5 @@
 /* Extension.java -- an X.509 certificate or CRL extension.
-   Copyright (C) 2004, 2006, 2010  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2010, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -85,7 +85,7 @@ public class Extension
 
   public Extension(byte[] encoded) throws IOException
   {
-    this.encoded = (byte[]) encoded.clone();
+    this.encoded = encoded.clone();
     DERReader der = new DERReader(encoded);
 
     // Extension ::= SEQUENCE {
@@ -220,9 +220,10 @@ public class Extension
   {
     if (encoded == null)
       encode();
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String toString()
   {
     return Extension.class.getName() + " [ id=" + oid + " critical=" +
@@ -262,7 +263,7 @@ public class Extension
 
     public Value(byte[] encoded)
     {
-      this.encoded = (byte[]) encoded.clone();
+      this.encoded = encoded.clone();
     }
 
     protected Value() { }
@@ -272,9 +273,10 @@ public class Extension
 
     public byte[] getEncoded()
     {
-      return (byte[]) encoded;
+      return encoded;
     }
 
+    @Override
     public int hashCode()
     {
       int result = 0;
@@ -283,6 +285,7 @@ public class Extension
       return result;
     }
 
+    @Override
     public boolean equals(Object o)
     {
       if (!(o instanceof Value))
@@ -290,6 +293,7 @@ public class Extension
       return Arrays.equals(encoded, ((Value) o).encoded);
     }
 
+    @Override
     public String toString()
     {
       return Util.toHexString(encoded, ':');
diff --git a/gnu/java/security/x509/ext/GeneralName.java b/gnu/java/security/x509/ext/GeneralName.java
index f399de1b7..d4a7f9b5e 100644
--- a/gnu/java/security/x509/ext/GeneralName.java
+++ b/gnu/java/security/x509/ext/GeneralName.java
@@ -1,5 +1,5 @@
 /* GeneralName.java -- a GeneralName.
-   Copyright (C) 2006  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -45,6 +45,7 @@ import gnu.java.security.x509.Util;
 
 import java.io.IOException;
 import java.util.Arrays;
+import java.util.Objects;
 
 /**
  * The GeneralName structure from X.509.
@@ -106,16 +107,16 @@ public class GeneralName
         case 6: return uniformResourceIdentifier;
         case 7: return iPAddress;
         case 8: return registeredId;
+        default:
+	  throw new IllegalArgumentException("invalid tag: " + tag);
       }
-
-      throw new IllegalArgumentException("invalid tag: " + tag);
     }
 
     public int tag()
     {
       return tag;
     }
-  };
+  }
 
   private final Kind kind;
   private final byte[] name;
@@ -185,7 +186,7 @@ public class GeneralName
   public GeneralName(Kind kind, byte[] name)
   {
     this.kind = kind;
-    this.name = (byte[]) name.clone();
+    this.name = name.clone();
     this.encoded = null;
   }
 
@@ -196,27 +197,21 @@ public class GeneralName
 
   public byte[] name()
   {
-    return (byte[]) name.clone();
+    return name.clone();
   }
 
   public byte[] encoded()
   {
-    try
-      {
-        return (byte[]) encoded.clone();
-      }
-    catch (NullPointerException npe)
-      {
-        return null;
-      }
+    return (encoded == null ? null : encoded.clone());
   }
 
+  @Override
   public boolean equals(Object o)
   {
     try
       {
         GeneralName that = (GeneralName) o;
-        return (that.kind() == kind() && Arrays.equals(name, that.name));
+        return (that.kind() == kind && Arrays.equals(name, that.name));
       }
     catch (ClassCastException cce)
       {
@@ -224,6 +219,13 @@ public class GeneralName
       }
   }
 
+  @Override
+  public int hashCode()
+  {
+    return Objects.hash(kind, name);
+  }
+
+  @Override
   public String toString()
   {
     return (super.toString() + " [ kind=" + kind + "; name=" +
diff --git a/gnu/java/security/x509/ext/GeneralNames.java b/gnu/java/security/x509/ext/GeneralNames.java
index f56ee963b..45132ed0f 100644
--- a/gnu/java/security/x509/ext/GeneralNames.java
+++ b/gnu/java/security/x509/ext/GeneralNames.java
@@ -1,5 +1,5 @@
 /* GeneralNames.java -- the GeneralNames object
-   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -82,6 +82,7 @@ public class GeneralNames
     return Collections.unmodifiableList(names);
   }
 
+  @Override
   public String toString()
   {
     return GeneralNames.class.getName() + " [ " + names + " ]";
diff --git a/gnu/java/security/x509/ext/GeneralSubtree.java b/gnu/java/security/x509/ext/GeneralSubtree.java
index 5d688deaa..f5097a507 100644
--- a/gnu/java/security/x509/ext/GeneralSubtree.java
+++ b/gnu/java/security/x509/ext/GeneralSubtree.java
@@ -1,5 +1,5 @@
 /* GeneralSubtree.java --
-   Copyright (C) 2006  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -147,6 +147,7 @@ public class GeneralSubtree
     return maximum;
   }
 
+  @Override
   public String toString()
   {
     return (GeneralSubtree.class.getName() + " [ base=" + base
diff --git a/gnu/java/security/x509/ext/IssuerAlternativeNames.java b/gnu/java/security/x509/ext/IssuerAlternativeNames.java
index 080070b98..1c502c37c 100644
--- a/gnu/java/security/x509/ext/IssuerAlternativeNames.java
+++ b/gnu/java/security/x509/ext/IssuerAlternativeNames.java
@@ -1,5 +1,5 @@
 /* IssuerAlternatuveNames.java -- issuer alternative names extension.
-   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -70,6 +70,7 @@ public class IssuerAlternativeNames extends Extension.Value
     return names.getNames();
   }
 
+  @Override
   public String toString()
   {
     return IssuerAlternativeNames.class.getName() + " [ " + names + " ]";
diff --git a/gnu/java/security/x509/ext/KeyUsage.java b/gnu/java/security/x509/ext/KeyUsage.java
index dcd98181e..f306e71a7 100644
--- a/gnu/java/security/x509/ext/KeyUsage.java
+++ b/gnu/java/security/x509/ext/KeyUsage.java
@@ -1,5 +1,5 @@
 /* KeyUsage.java -- the key usage extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -85,6 +85,7 @@ public class KeyUsage extends Extension.Value
     return keyUsage;
   }
 
+  @Override
   public String toString()
   {
     return KeyUsage.class.getName() + " [ " + keyUsage + " ]";
diff --git a/gnu/java/security/x509/ext/NameConstraints.java b/gnu/java/security/x509/ext/NameConstraints.java
index 8f374d560..f6104c9a3 100644
--- a/gnu/java/security/x509/ext/NameConstraints.java
+++ b/gnu/java/security/x509/ext/NameConstraints.java
@@ -1,5 +1,5 @@
 /* NameConstraints.java -- the NameConstraints X.509 extension.
-   Copyright (C) 2006  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -152,6 +152,7 @@ public class NameConstraints extends Value
     return Collections.unmodifiableList(excludedSubtrees);
   }
 
+  @Override
   public String toString()
   {
     return NameConstraints.class.getName() + " [ permittedSubtrees="
diff --git a/gnu/java/security/x509/ext/PolicyConstraint.java b/gnu/java/security/x509/ext/PolicyConstraint.java
index 20cf552a0..3d88987bb 100644
--- a/gnu/java/security/x509/ext/PolicyConstraint.java
+++ b/gnu/java/security/x509/ext/PolicyConstraint.java
@@ -1,5 +1,5 @@
 /* PolicyConstraint.java -- policyConstraint extension
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -98,6 +98,7 @@ public class PolicyConstraint extends Extension.Value
     return inhibitPolicyMapping;
   }
 
+  @Override
   public String toString()
   {
     return PolicyConstraint.class.getName() + " [ requireExplicitPolicy=" +
diff --git a/gnu/java/security/x509/ext/PolicyMappings.java b/gnu/java/security/x509/ext/PolicyMappings.java
index eeac340d3..27ce33e1a 100644
--- a/gnu/java/security/x509/ext/PolicyMappings.java
+++ b/gnu/java/security/x509/ext/PolicyMappings.java
@@ -1,5 +1,5 @@
 /* PolicyMappings.java -- policy mappings extension.
-   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -97,6 +97,7 @@ public class PolicyMappings extends Extension.Value
     return mappings.get(issuerDomainPolicy);
   }
 
+  @Override
   public String toString()
   {
     return PolicyMappings.class.getName() + " [ " + mappings + " ]";
diff --git a/gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java b/gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java
index 3b531c055..31416266a 100644
--- a/gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java
+++ b/gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java
@@ -1,5 +1,5 @@
 /* PrivateKeyUsagePeriod.java -- private key usage period extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -97,6 +97,7 @@ public class PrivateKeyUsagePeriod extends Extension.Value
     return notAfter != null ? (Date) notAfter.clone() : null;
   }
 
+  @Override
   public String toString()
   {
     return PrivateKeyUsagePeriod.class.getName() + " [ notBefore=" + notBefore
diff --git a/gnu/java/security/x509/ext/ReasonCode.java b/gnu/java/security/x509/ext/ReasonCode.java
index a6d59e43a..7bc34af0b 100644
--- a/gnu/java/security/x509/ext/ReasonCode.java
+++ b/gnu/java/security/x509/ext/ReasonCode.java
@@ -1,5 +1,5 @@
 /* ReasonCode.java -- a reason code for a certificate revocation.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -78,6 +78,7 @@ public class ReasonCode extends Extension.Value
     return reason;
   }
 
+  @Override
   public String toString()
   {
     return ReasonCode.class.getName() + " [ " + reason + " ]";
diff --git a/gnu/java/security/x509/ext/SubjectAlternativeNames.java b/gnu/java/security/x509/ext/SubjectAlternativeNames.java
index 8b6347d99..590257735 100644
--- a/gnu/java/security/x509/ext/SubjectAlternativeNames.java
+++ b/gnu/java/security/x509/ext/SubjectAlternativeNames.java
@@ -1,5 +1,5 @@
 /* SubjectAlternatuveNames.java -- subject alternative names extension.
-   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -70,6 +70,7 @@ public class SubjectAlternativeNames extends Extension.Value
     return names.getNames();
   }
 
+  @Override
   public String toString()
   {
     return SubjectAlternativeNames.class.getName() + " [ " + names + " ]";
diff --git a/gnu/java/security/x509/ext/SubjectKeyIdentifier.java b/gnu/java/security/x509/ext/SubjectKeyIdentifier.java
index fc65abe21..eb0e6902d 100644
--- a/gnu/java/security/x509/ext/SubjectKeyIdentifier.java
+++ b/gnu/java/security/x509/ext/SubjectKeyIdentifier.java
@@ -1,5 +1,5 @@
 /* SubjectKeyIdentifier.java -- subject key identifier extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,9 +73,10 @@ public class SubjectKeyIdentifier extends Extension.Value
 
   public byte[] getKeyIdentifier()
   {
-    return (byte[]) keyIdentifier.clone();
+    return keyIdentifier.clone();
   }
 
+  @Override
   public String toString()
   {
     return SubjectKeyIdentifier.class.getName() + " [ " +
diff --git a/gnu/javax/security/auth/Password.java b/gnu/javax/security/auth/Password.java
index 8fb07ee6b..1f639a160 100644
--- a/gnu/javax/security/auth/Password.java
+++ b/gnu/javax/security/auth/Password.java
@@ -1,5 +1,5 @@
 /* Password.java -- opaque wrapper around a password.
-   Copyright (C) 2004, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -257,18 +257,16 @@ public final class Password extends ExpirableObject
    * method, {@link ExpirableObject#doDestroy()}.  See also,
    * {@link ExpirableObject#destroy()}.
    */
+  @Override
   protected synchronized void doDestroy()
   {
     if (isDestroyed())
       return;
-    else
-      {
-        for (int i = 0; i < password.length; i++)
-          password[i] = 0;
-        for (int i = 0; i < bPassword.length; i++)
-          bPassword[i] = 0;
-        mIsDestroyed = true;
-      }
+    for (int i = 0; i < password.length; i++)
+      password[i] = 0;
+    for (int i = 0; i < bPassword.length; i++)
+      bPassword[i] = 0;
+    mIsDestroyed = true;
   }
 
   /**
@@ -276,6 +274,7 @@ public final class Password extends ExpirableObject
    * {@link doDestroy()} method has been called.  See also,
    * {@ExpirableObject#destroy()}.
    */
+  @Override
   public synchronized boolean isDestroyed()
   {
     return (mIsDestroyed);
diff --git a/gnu/javax/security/auth/callback/AWTCallbackHandler.java b/gnu/javax/security/auth/callback/AWTCallbackHandler.java
index 5aad0335d..579dc5f7c 100644
--- a/gnu/javax/security/auth/callback/AWTCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/AWTCallbackHandler.java
@@ -92,6 +92,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   protected synchronized void handleChoice(ChoiceCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -142,6 +143,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handleConfirmation(ConfirmationCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -230,6 +232,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handleLanguage(LanguageCallback c)
   {
     Locale[] locales = Locale.getAvailableLocales();
@@ -279,6 +282,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
       }
   }
 
+  @Override
   protected synchronized void handleName(NameCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -316,6 +320,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handlePassword(PasswordCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -353,6 +358,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handleTextInput(TextInputCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -390,6 +396,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handleTextOutput(TextOutputCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -428,6 +435,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
   // ActionListener interface implementation.
   // -------------------------------------------------------------------------
 
+  @Override
   public synchronized void actionPerformed(ActionEvent ae)
   {
     actionCommand = ae.getActionCommand();
@@ -437,16 +445,17 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
   // WindowListener interface implementation.
   // -------------------------------------------------------------------------
 
+  @Override
   public synchronized void windowClosing(WindowEvent we)
   {
     actionCommand = ACTION_NONE;
     notifyAll();
   }
 
-  public void windowOpened(WindowEvent we) { }
-  public void windowClosed(WindowEvent we) { }
-  public void windowIconified(WindowEvent we) { }
-  public void windowDeiconified(WindowEvent we) { }
-  public void windowActivated(WindowEvent we) { }
-  public void windowDeactivated(WindowEvent we) { }
+  @Override public void windowOpened(WindowEvent we) { }
+  @Override public void windowClosed(WindowEvent we) { }
+  @Override public void windowIconified(WindowEvent we) { }
+  @Override public void windowDeiconified(WindowEvent we) { }
+  @Override public void windowActivated(WindowEvent we) { }
+  @Override public void windowDeactivated(WindowEvent we) { }
 }
diff --git a/gnu/javax/security/auth/callback/AbstractCallbackHandler.java b/gnu/javax/security/auth/callback/AbstractCallbackHandler.java
index 31a7f5aca..4a0765b80 100644
--- a/gnu/javax/security/auth/callback/AbstractCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/AbstractCallbackHandler.java
@@ -1,5 +1,5 @@
 /* AbstractCallbackHandler.java --
-   Copyright (C) 2005, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2005, 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -42,7 +42,6 @@ import gnu.java.security.Engine;
 
 import java.io.IOException;
 import java.lang.reflect.InvocationTargetException;
-import java.util.PropertyResourceBundle;
 import java.util.ResourceBundle;
 
 import java.security.NoSuchAlgorithmException;
@@ -79,7 +78,7 @@ public abstract class AbstractCallbackHandler implements CallbackHandler
   protected AbstractCallbackHandler (final String name)
   {
     super();
-    messages = PropertyResourceBundle.getBundle("gnu/javax/security/auth/callback/MessagesBundle");
+    messages = ResourceBundle.getBundle("gnu/javax/security/auth/callback/MessagesBundle");
     this.name = name;
   }
 
@@ -179,6 +178,7 @@ public abstract class AbstractCallbackHandler implements CallbackHandler
     throw x;
   }
 
+  @Override
   public void handle(Callback[] callbacks)
     throws IOException, UnsupportedCallbackException
   {
@@ -220,63 +220,70 @@ public abstract class AbstractCallbackHandler implements CallbackHandler
    *
    * @param callback The choice callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleChoice(ChoiceCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link ConfirmationCallback}.
    *
    * @param callback The confirmation callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleConfirmation(ConfirmationCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link LanguageCallback}.
    *
    * @param callback The language callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleLanguage(LanguageCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link NameCallback}.
    *
    * @param callback The name callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleName(NameCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link PasswordCallback}.
    *
    * @param callback The password callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handlePassword(PasswordCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link TextInputCallback}.
    *
    * @param callback The text input callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleTextInput(TextInputCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link TextOutputCallback}.
    *
    * @param callback The text output callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleTextOutput(TextOutputCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles an unknown callback. The default implementation simply throws
@@ -284,9 +291,10 @@ public abstract class AbstractCallbackHandler implements CallbackHandler
    *
    * @param callback The callback to handle.
    * @throws IOException If an I/O error occurs.
-   * @throws UnsupportedCallbackException If the specified callback is not
+   * @throws UnsupportedCallbackException if the specified callback is not
    *   supported.
    */
+  @SuppressWarnings({"static-method","unused"})
   protected void handleOther(Callback callback)
     throws IOException, UnsupportedCallbackException
   {
diff --git a/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java b/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java
index bb25ca049..298ee6f67 100644
--- a/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java
@@ -1,5 +1,5 @@
 /* ConsoleCallbackHandler.java --
-   Copyright (C) 2005, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2005, 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -85,6 +85,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   protected void handleChoice(ChoiceCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -147,12 +148,13 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
             int[] ii = new int[indices.size()];
             int i = 0;
             for (Iterator<Integer> it = indices.iterator(); it.hasNext(); )
-              ii[i++] = ((Integer) it.next()).intValue();
+              ii[i++] = it.next().intValue();
             c.setSelectedIndexes(ii);
           }
       }
   }
 
+  @Override
   protected void handleConfirmation(ConfirmationCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -249,6 +251,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
     c.setSelectedIndex(c.getDefaultOption());
   }
 
+  @Override
   protected void handleLanguage(LanguageCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -265,6 +268,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
       }
   }
 
+  @Override
   protected void handleName(NameCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -274,6 +278,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
       c.setName(name.trim());
   }
 
+  @Override
   protected void handlePassword(PasswordCallback c) throws IOException
   {
     out.print(c.getPrompt());
@@ -283,6 +288,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
     c.setPassword(pass.toCharArray());
   }
 
+  @Override
   protected void handleTextInput(TextInputCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -292,6 +298,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
       c.setText(text);
   }
 
+  @Override
   protected void handleTextOutput(TextOutputCallback c)
   {
     out.print(c.getMessage());
diff --git a/gnu/javax/security/auth/callback/DefaultCallbackHandler.java b/gnu/javax/security/auth/callback/DefaultCallbackHandler.java
index df0360b2e..afe1fb261 100644
--- a/gnu/javax/security/auth/callback/DefaultCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/DefaultCallbackHandler.java
@@ -1,5 +1,5 @@
 /* DefaultCallbackHandler.java --
-   Copyright (C) 2004, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -66,11 +66,13 @@ public class DefaultCallbackHandler extends AbstractCallbackHandler
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   protected void handleChoice(ChoiceCallback c)
   {
     c.setSelectedIndex(c.getDefaultChoice());
   }
 
+  @Override
   protected void handleConfirmation(ConfirmationCallback c)
   {
     if (c.getOptionType() == ConfirmationCallback.YES_NO_OPTION)
@@ -83,26 +85,31 @@ public class DefaultCallbackHandler extends AbstractCallbackHandler
       c.setSelectedIndex(c.getDefaultOption());
   }
 
+  @Override
   protected void handleLanguage(LanguageCallback c)
   {
     c.setLocale(Locale.getDefault());
   }
 
+  @Override
   protected void handleName(NameCallback c)
   {
     c.setName(System.getProperty("user.name"));
   }
 
+  @Override
   protected void handlePassword(PasswordCallback c)
   {
     c.setPassword(new char[0]);
   }
 
+  @Override
   protected void handleTextInput(TextInputCallback c)
   {
     c.setText("");
   }
 
+  @Override
   protected void handleTextOutput(TextOutputCallback c)
   {
   }
diff --git a/gnu/javax/security/auth/callback/GnuCallbacks.java b/gnu/javax/security/auth/callback/GnuCallbacks.java
index 810452010..cc1bcb77e 100644
--- a/gnu/javax/security/auth/callback/GnuCallbacks.java
+++ b/gnu/javax/security/auth/callback/GnuCallbacks.java
@@ -53,6 +53,7 @@ public final class GnuCallbacks extends Provider
 
     AccessController.doPrivileged(new PrivilegedAction<Void>()
       {
+	@Override
         public Void run()
         {
           put("CallbackHandler.Default", DefaultCallbackHandler.class.getName());
diff --git a/gnu/javax/security/auth/callback/SwingCallbackHandler.java b/gnu/javax/security/auth/callback/SwingCallbackHandler.java
index c9d5b3eb5..8076ffba1 100644
--- a/gnu/javax/security/auth/callback/SwingCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/SwingCallbackHandler.java
@@ -1,5 +1,5 @@
  /* SwingCallbackHandler.java --
-    Copyright (C) 2006  Free Software Foundation, Inc.
+    Copyright (C) 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -60,6 +60,7 @@ import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.TextInputCallback;
 import javax.security.auth.callback.TextOutputCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
 
 import javax.swing.JButton;
 import javax.swing.JDialog;
@@ -71,6 +72,8 @@ import javax.swing.JScrollPane;
 import javax.swing.JTextArea;
 import javax.swing.JTextField;
 import javax.swing.ListSelectionModel;
+import javax.swing.SwingConstants;
+import javax.swing.ScrollPaneConstants;
 
 public class SwingCallbackHandler extends AbstractCallbackHandler
 {
@@ -79,6 +82,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     super ("SWING");
   }
 
+  @Override
   protected void handleChoice (final ChoiceCallback callback)
     throws IOException
   {
@@ -87,7 +91,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     Container content = dialog.getContentPane ();
     GridBagLayout layout = new GridBagLayout ();
     content.setLayout (layout);
-    JLabel prompt = new JLabel (callback.getPrompt (), JLabel.LEFT);
+    JLabel prompt = new JLabel (callback.getPrompt (), SwingConstants.LEFT);
     content.add (prompt, new GridBagConstraints (0, 0, 1, 1, 0, 0,
                                                  GridBagConstraints.WEST,
                                                  GridBagConstraints.NONE,
@@ -96,8 +100,8 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     String[] choices = callback.getChoices ();
     final JList choicesList = new JList (choices);
     JScrollPane choicesPane = new JScrollPane (choicesList,
-                                               JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED,
-                                               JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED);
+                                               ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED,
+                                               ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED);
     final int defaultChoice = callback.getDefaultChoice ();
     choicesList.setSelectedIndex (defaultChoice);
     choicesList.setSelectionMode (callback.allowMultipleSelections ()
@@ -123,6 +127,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     cancel.addActionListener (new ActionListener ()
       {
+	@Override
         public void actionPerformed (final ActionEvent ae)
         {
           callback.setSelectedIndex (defaultChoice);
@@ -135,6 +140,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       });
     ok.addActionListener (new ActionListener ()
       {
+	@Override
         public void actionPerformed (final ActionEvent ae)
         {
           if (callback.allowMultipleSelections ())
@@ -167,8 +173,9 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handleConfirmation (final ConfirmationCallback callback)
-    throws IOException
+    throws IOException, UnsupportedCallbackException
   {
     final JDialog dialog = new JDialog ();
     switch (callback.getMessageType ())
@@ -182,6 +189,9 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       case ConfirmationCallback.INFORMATION:
         dialog.setTitle (messages.getString ("callback.information"));
         break;
+      default:
+	throw new UnsupportedCallbackException(callback,
+					       "Invalid message type.");
       }
     Container content = dialog.getContentPane ();
     content.setLayout (new GridBagLayout ());
@@ -199,6 +209,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     final String[] options = callback.getOptions ();
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           String cmd = ae.getActionCommand ();
@@ -236,14 +247,13 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     buttons.setLayout (new FlowLayout (FlowLayout.RIGHT));
     switch (callback.getOptionType ())
       {
-      case ConfirmationCallback.YES_NO_CANCEL_OPTION:
+      case ConfirmationCallback.YES_NO_CANCEL_OPTION: //$FALL-THROUGH$
         {
           JButton cancel = new JButton (messages.getString ("callback.cancel"));
           buttons.add (cancel);
           cancel.setActionCommand ("cancel");
           cancel.addActionListener (listener);
-        }
-        /* Fall-through. */
+        } //$FALL-THROUGH$
       case ConfirmationCallback.YES_NO_OPTION:
         {
           JButton yes = new JButton (messages.getString ("callback.yes"));
@@ -280,6 +290,10 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
             if (i == options.length - 1)
               dialog.getRootPane ().setDefaultButton (button);
           }
+	break;
+      default:
+	throw new UnsupportedCallbackException(callback,
+					       "Invalid option type.");
       }
     content.add (buttons,
                  new GridBagConstraints (0, GridBagConstraints.RELATIVE,
@@ -293,21 +307,19 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handleLanguage (final LanguageCallback callback)
     throws IOException
   {
     Locale locale = Locale.getDefault ();
     Locale[] locales = Locale.getAvailableLocales ();
     String[] localeNames = new String[locales.length+1];
-    int defaultIndex = 0;
     for (int i = 0; i < locales.length; i++)
       {
         localeNames[i+1] = locales[i].getDisplayLanguage (locales[i]);
         String country = locales[i].getDisplayCountry (locales[i]);
         if (country.length () > 0)
           localeNames[i+1] += " (" + country + ")";
-        if (locales[i].equals (locale))
-          defaultIndex = i;
       }
     locales[0] = locale;
     localeNames[0] = locale.getDisplayLanguage (locale);
@@ -325,6 +337,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       callback.setLocale (locale);
   }
 
+  @Override
   protected void handleName (final NameCallback callback)
     throws IOException
   {
@@ -350,6 +363,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           String cmd = ae.getActionCommand ();
@@ -385,6 +399,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handlePassword (final PasswordCallback callback)
     throws IOException
   {
@@ -408,6 +423,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           String cmd = ae.getActionCommand ();
@@ -443,6 +459,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handleTextInput (final TextInputCallback callback)
     throws IOException
   {
@@ -463,8 +480,8 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       text.setText (_text);
     text.setFont (new Font ("Monospaced", Font.PLAIN, 12));
     JScrollPane textPane = new JScrollPane (text,
-                                            JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED,
-                                            JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED);
+                                            ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED,
+                                            ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED);
     content.add (textPane,
                  new GridBagConstraints (0, 1, 1, 1, 1, 1,
                                          GridBagConstraints.CENTER,
@@ -473,6 +490,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           String cmd = ae.getActionCommand ();
@@ -508,8 +526,9 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handleTextOutput (final TextOutputCallback callback)
-    throws IOException
+    throws IOException, UnsupportedCallbackException
   {
     final JDialog dialog = new JDialog ();
     switch (callback.getMessageType ())
@@ -523,6 +542,9 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       case TextOutputCallback.INFORMATION:
         dialog.setTitle (messages.getString ("callback.information"));
         break;
+      default:
+	throw new UnsupportedCallbackException(callback,
+					       "Invalid message type.");
       }
     Container content = dialog.getContentPane ();
     content.setLayout (new GridBagLayout ());
@@ -532,8 +554,8 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     text.setText (callback.getMessage ());
     text.setFont (new Font ("Monospaced", Font.PLAIN, 12));
     JScrollPane textPane = new JScrollPane (text,
-                                            JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED,
-                                            JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED);
+                                            ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED,
+                                            ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED);
     content.add (textPane,
                  new GridBagConstraints (0, 0, 1, 1, 1, 1,
                                          GridBagConstraints.CENTER,
@@ -542,6 +564,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           dialog.setVisible (false);
@@ -567,7 +590,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
-  private void waitForInput (JDialog dialog, Callback callback)
+  private static void waitForInput (JDialog dialog, Callback callback)
   {
     synchronized (callback)
       {
diff --git a/gnu/javax/security/auth/login/ConfigFileParser.java b/gnu/javax/security/auth/login/ConfigFileParser.java
index e86e4a8c6..07c81ebf8 100644
--- a/gnu/javax/security/auth/login/ConfigFileParser.java
+++ b/gnu/javax/security/auth/login/ConfigFileParser.java
@@ -1,5 +1,5 @@
 /* ConfigFileParser.java -- JAAS Login Configuration default syntax parser
-   Copyright (C) 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -130,7 +130,7 @@ public final class ConfigFileParser
       }
   }
 
-  private void initParser(Reader r) throws IOException
+  private void initParser(Reader r)
   {
     map.clear();
 
@@ -304,7 +304,7 @@ public final class ConfigFileParser
    * the string is not a known System property name, then the complete sequence
    * (incl. the ${} characters are passed AS IS.
    */
-  private String expandParamValue(String s)
+  private static String expandParamValue(String s)
   {
     String result = s;
     try
diff --git a/gnu/javax/security/auth/login/GnuConfiguration.java b/gnu/javax/security/auth/login/GnuConfiguration.java
index b7c3b5a44..86961f6b8 100644
--- a/gnu/javax/security/auth/login/GnuConfiguration.java
+++ b/gnu/javax/security/auth/login/GnuConfiguration.java
@@ -1,5 +1,5 @@
 /* GnuConfiguration.java -- GNU Classpath implementation of JAAS Configuration
-   Copyright (C) 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -163,6 +163,7 @@ public final class GnuConfiguration extends Configuration
   /* (non-Javadoc)
    * @see javax.security.auth.login.Configuration#getAppConfigurationEntry(java.lang.String)
    */
+  @Override
   public AppConfigurationEntry[] getAppConfigurationEntry(String appName)
   {
     if (appName == null)
@@ -193,6 +194,7 @@ public final class GnuConfiguration extends Configuration
    * <code>refreshLoginConfiguration</code>.
    * @see AuthPermission
    */
+  @Override
   public void refresh()
   {
     SecurityManager sm = System.getSecurityManager();
@@ -289,7 +291,7 @@ public final class GnuConfiguration extends Configuration
    * @throws IOException
    *           if an exception occurs during the operation.
    */
-  private InputStream getInputStreamFromURL(String s) throws IOException
+  private static InputStream getInputStreamFromURL(String s) throws IOException
   {
     InputStream result = null;
     try
@@ -385,8 +387,7 @@ public final class GnuConfiguration extends Configuration
   private void parseConfig(InputStream configStream) throws IOException
   {
     cp.parse(new InputStreamReader(configStream, "UTF-8"));
-    Map<String,List<AppConfigurationEntry>> loginModulesMap = cp.getLoginModulesMap();
-    mergeLoginModules(loginModulesMap);
+    mergeLoginModules(cp.getLoginModulesMap());
   }
 
   private void mergeLoginModules(Map<String,List<AppConfigurationEntry>> otherLoginModules)
@@ -409,7 +410,7 @@ public final class GnuConfiguration extends Configuration
       }
   }
 
-  private File getUserHome()
+  private static File getUserHome()
   {
     String uh = System.getProperty("user.home");
     if (uh == null || uh.trim().length() == 0)
@@ -441,7 +442,7 @@ public final class GnuConfiguration extends Configuration
     return result;
   }
 
-  private File getConfigFromUserHome(File userHome, String fileName)
+  private static File getConfigFromUserHome(File userHome, String fileName)
   {
     File result = new File(userHome, fileName);
     if (! result.exists())
diff --git a/java/security/AccessControlContext.java b/java/security/AccessControlContext.java
index 726a6f6e6..5e491cb01 100644
--- a/java/security/AccessControlContext.java
+++ b/java/security/AccessControlContext.java
@@ -1,5 +1,5 @@
 /* AccessControlContext.java --- Access Control Context Class
-   Copyright (C) 1999, 2004, 2014 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -172,6 +172,7 @@ public final class AccessControlContext
    *
    * @return true if equal, false otherwise
    */
+  @Override
   public boolean equals(Object obj)
   {
     if (obj instanceof AccessControlContext)
@@ -202,6 +203,7 @@ public final class AccessControlContext
    *
    * @return a hash code representing this class
    */
+  @Override
   public int hashCode()
   {
     int h = 0;
diff --git a/java/security/AlgorithmParameters.java b/java/security/AlgorithmParameters.java
index ba805143e..7cc98f385 100644
--- a/java/security/AlgorithmParameters.java
+++ b/java/security/AlgorithmParameters.java
@@ -1,5 +1,5 @@
 /* AlgorithmParameters.java --- Algorithm Parameters Implementation Class
-   Copyright (C) 1999, 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -310,6 +310,7 @@ public class AlgorithmParameters
    *
    * @return a string representation of the encoded form.
    */
+  @Override
   public final String toString()
   {
     return paramSpi.engineToString();
diff --git a/java/security/AllPermission.java b/java/security/AllPermission.java
index 0a0a5f2ce..12e7d986a 100644
--- a/java/security/AllPermission.java
+++ b/java/security/AllPermission.java
@@ -1,5 +1,6 @@
 /* AllPermission.java -- Permission to do anything
-   Copyright (C) 1998, 2001, 2002, 2004, 2005, 2014  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002, 2004, 2005, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -78,6 +79,7 @@ public final class AllPermission extends Permission
    * @param name ignored
    * @param actions ignored
    */
+  @SuppressWarnings("unused")
   public AllPermission(String name, String actions)
   {
     super("*");
@@ -90,6 +92,7 @@ public final class AllPermission extends Permission
    * @param perm ignored
    * @return true, the permission is implied
    */
+  @Override
   public boolean implies(Permission perm)
   {
     return true;
@@ -100,6 +103,7 @@ public final class AllPermission extends Permission
    *
    * @param obj the <code>Object</code> to test for equality
    */
+  @Override
   public boolean equals(Object obj)
   {
     return obj instanceof AllPermission;
@@ -110,6 +114,7 @@ public final class AllPermission extends Permission
    *
    * @return a hash value for this object
    */
+  @Override
   public int hashCode()
   {
     return 1;
@@ -121,6 +126,7 @@ public final class AllPermission extends Permission
    *
    * @return the action list
    */
+  @Override
   public String getActions()
   {
     return "";
@@ -131,6 +137,7 @@ public final class AllPermission extends Permission
    *
    * @return a permission collection
    */
+  @Override
   public PermissionCollection newPermissionCollection()
   {
     return new AllPermissionCollection();
@@ -157,6 +164,15 @@ public final class AllPermission extends Permission
     private boolean all_allowed;
 
     /**
+     * Public constructor to avoid generation of a
+     * synthetic accessor method.
+     */
+    public AllPermissionCollection()
+    {
+      super();
+    }
+
+    /**
      * Add an AllPermission.
      *
      * @param perm the permission to add
diff --git a/java/security/BasicPermission.java b/java/security/BasicPermission.java
index 3bd0bd8f3..86c58f0e0 100644
--- a/java/security/BasicPermission.java
+++ b/java/security/BasicPermission.java
@@ -1,5 +1,5 @@
 /* BasicPermission.java -- implements a simple named permission
-   Copyright (C) 1998, 1999, 2002, 2003, 2004, 2005, 2006, 2014
+   Copyright (C) 1998, 1999, 2002, 2003, 2004, 2005, 2006, 2014, 2015
    Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
@@ -39,7 +39,6 @@ exception statement from your version. */
 
 package java.security;
 
-import java.io.Serializable;
 import java.util.Enumeration;
 import java.util.Hashtable;
 
@@ -74,7 +73,6 @@ import java.util.Hashtable;
  * @status updated to 1.4
  */
 public abstract class BasicPermission extends Permission
-  implements Serializable
 {
   /**
    * Compatible with JDK 1.1+.
@@ -111,6 +109,7 @@ public abstract class BasicPermission extends Permission
    * @throws NullPointerException if name is null
    * @throws IllegalArgumentException if name is invalid
    */
+  @SuppressWarnings("unused")
   public BasicPermission(String name, String actions)
   {
     this(name);
@@ -183,6 +182,7 @@ public abstract class BasicPermission extends Permission
    *
    * @return the action list
    */
+  @Override
   public String getActions()
   {
     return "";
@@ -197,6 +197,7 @@ public abstract class BasicPermission extends Permission
    *
    * @return a new empty <code>PermissionCollection</code> object
    */
+  @Override
   public PermissionCollection newPermissionCollection()
   {
     return new BasicPermissionCollection(getClass());
diff --git a/java/security/Certificate.java b/java/security/Certificate.java
index 5cdba6e10..cb863b578 100644
--- a/java/security/Certificate.java
+++ b/java/security/Certificate.java
@@ -1,5 +1,5 @@
 /* Certificate.java -- deprecated interface for modeling digital certificates
-   Copyright (C) 1998, 2002, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002, 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -45,7 +45,7 @@ import java.io.OutputStream;
 /**
  * This interface models a digital certificate which verifies the
  * authenticity of a party.  This class simply allows certificate
- * information to be queried, it does not guarantee that the certificate
+ * information to be queried; it does not guarantee that the certificate
  * is valid.
  *
  * <p>This class is deprecated in favor of the new java.security.cert package.
@@ -56,6 +56,7 @@ import java.io.OutputStream;
  * @deprecated use {@link java.security.cert} instead
  * @status updated to 1.4
  */
+@Deprecated
 public interface Certificate
 {
   /**
diff --git a/java/security/DigestInputStream.java b/java/security/DigestInputStream.java
index c0a74f3ab..7bd440e26 100644
--- a/java/security/DigestInputStream.java
+++ b/java/security/DigestInputStream.java
@@ -1,5 +1,5 @@
 /* DigestInputStream.java --- An Input stream tied to a message digest
-   Copyright (C) 1999, 2003, 2004, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2004, 2005, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -110,6 +110,7 @@ public class DigestInputStream extends FilterInputStream
    * @throws IOException if an IO error occurs in the underlying input stream,
    * this error is thrown
    */
+  @Override
   public int read() throws IOException
   {
     int temp = in.read();
@@ -134,6 +135,7 @@ public class DigestInputStream extends FilterInputStream
    * @throws IOException if an IO error occurs in the underlying input stream,
    * this error is thrown
    */
+  @Override
   public int read(byte[]b, int off, int len) throws IOException
   {
     int temp = in.read(b, off, len);
@@ -160,6 +162,7 @@ public class DigestInputStream extends FilterInputStream
    *
    * @return A string representing the input stream and message digest.
    */
+  @Override
   public String toString()
   {
     return "[Digest Input Stream] " + digest.toString();
diff --git a/java/security/DigestOutputStream.java b/java/security/DigestOutputStream.java
index 748f83d79..2b745adc5 100644
--- a/java/security/DigestOutputStream.java
+++ b/java/security/DigestOutputStream.java
@@ -1,5 +1,5 @@
 /* DigestOutputStream.java --- An output stream tied to a message digest
-   Copyright (C) 1999, 2004, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2005, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -108,6 +108,7 @@ public class DigestOutputStream extends FilterOutputStream
    * @exception IOException if the underlying output stream
    * cannot write the byte, this is thrown.
    */
+  @Override
   public void write(int b) throws IOException
   {
     if (state)
@@ -127,6 +128,7 @@ public class DigestOutputStream extends FilterOutputStream
    * @exception IOException if the underlying output stream
    * cannot write the bytes, this is thrown.
    */
+  @Override
   public void write(byte[]b, int off, int len) throws IOException
   {
     if (state)
@@ -151,6 +153,7 @@ public class DigestOutputStream extends FilterOutputStream
    *
    * @return A string representing the output stream and message digest.
    */
+  @Override
   public String toString()
   {
     return "[Digest Output Stream] " + digest.toString();
diff --git a/java/security/DummyKeyPairGenerator.java b/java/security/DummyKeyPairGenerator.java
index da8c362eb..63c89ebd9 100644
--- a/java/security/DummyKeyPairGenerator.java
+++ b/java/security/DummyKeyPairGenerator.java
@@ -1,5 +1,5 @@
 /* DummyKeyPairGenerator.java - Wrapper for KeyPairGeneratorSpi
-   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -49,6 +49,7 @@ final class DummyKeyPairGenerator extends KeyPairGenerator
     this.kpgSpi = kpgSpi;
   }
 
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     KeyPairGenerator result = new DummyKeyPairGenerator
@@ -57,17 +58,20 @@ final class DummyKeyPairGenerator extends KeyPairGenerator
     return result;
   }
 
+  @Override
   public void initialize(int keysize, SecureRandom random)
   {
     kpgSpi.initialize(keysize, random);
   }
 
+  @Override
   public void initialize(AlgorithmParameterSpec params, SecureRandom random)
     throws InvalidAlgorithmParameterException
   {
     kpgSpi.initialize(params, random);
   }
 
+  @Override
   public KeyPair generateKeyPair()
   {
     return kpgSpi.generateKeyPair();
diff --git a/java/security/DummyMessageDigest.java b/java/security/DummyMessageDigest.java
index 6cecdcf68..7b78f828a 100644
--- a/java/security/DummyMessageDigest.java
+++ b/java/security/DummyMessageDigest.java
@@ -1,5 +1,5 @@
 /* DummyMessageDigest.java - Wrapper for MessageDigestSpi
-   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -47,6 +47,7 @@ final class DummyMessageDigest extends MessageDigest
     this.mdSpi = mdSpi;
   }
 
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     MessageDigest result = new DummyMessageDigest
@@ -57,32 +58,38 @@ final class DummyMessageDigest extends MessageDigest
 
   // java.security.MessageDigestSpi abstract methods implementation ---------
 
+  @Override
   public byte[] engineDigest()
   {
     return mdSpi.engineDigest();
   }
 
+  @Override
   public int engineDigest(byte[] buf, int offset, int len)
     throws DigestException
   {
     return mdSpi.engineDigest(buf, offset, len);
   }
 
+  @Override
   public int engineGetDigestLength()
   {
     return mdSpi.engineGetDigestLength();
   }
 
+  @Override
   public void engineReset()
   {
     mdSpi.engineReset();
   }
 
+  @Override
   public void engineUpdate(byte input)
   {
     mdSpi.engineUpdate(input);
   }
 
+  @Override
   public void engineUpdate(byte[] input, int offset, int len)
   {
     mdSpi.engineUpdate(input, offset, len);
diff --git a/java/security/Identity.java b/java/security/Identity.java
index d3f48e887..9086bb7ab 100644
--- a/java/security/Identity.java
+++ b/java/security/Identity.java
@@ -1,5 +1,5 @@
 /* Identity.java --- Identity Class
-   Copyright (C) 1999, 2003, 2014, Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2014, 2015, Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -49,7 +49,7 @@ import java.util.Vector;
  * identity. The names cannot be changed and the identities can be scoped. Each
  * identity (name and public key) within a scope are unique to that scope.</p>
  *
- * <p>Each identity has a set of ceritificates which all specify the same
+ * <p>Each identity has a set of certificates which all specify the same
  * public key, but not necessarily the same name.</p>
  *
  * <p>The <code>Identity</code> class can be subclassed to allow additional
@@ -63,6 +63,7 @@ import java.util.Vector;
  * <code>java.security.cert</code> package, and
  * <code>java.security.Principal</code>.
  */
+@Deprecated
 public abstract class Identity implements Principal, Serializable
 {
   private static final long serialVersionUID = 3609922007826600659L;
@@ -110,6 +111,7 @@ public abstract class Identity implements Principal, Serializable
   }
 
   /** @return the name of this identity. */
+  @Override
   public final String getName()
   {
     return name;
@@ -252,6 +254,7 @@ public abstract class Identity implements Principal, Serializable
    * @return <code>true</code> if they are equal, <code>false</code>
    *         otherwise.
    */
+  @Override
   public final boolean equals(Object identity)
   {
     if (identity instanceof Identity)
@@ -290,6 +293,7 @@ public abstract class Identity implements Principal, Serializable
    *           if a {@link SecurityManager} is installed which disallows this
    *           operation.
    */
+  @Override
   public String toString()
   {
     SecurityManager sm = System.getSecurityManager();
@@ -321,14 +325,12 @@ public abstract class Identity implements Principal, Serializable
         /* TODO: Insert proper detailed format here */
         return (name + ":@" + scope + " Public Key: " + publicKey);
       }
-    else
-      {
-        /* TODO: Insert proper format here */
-        return (name + ":@" + scope + " Public Key: " + publicKey);
-      }
+    /* TODO: Insert proper format here */
+    return (name + ":@" + scope + " Public Key: " + publicKey);
   }
 
   /** @return a hashcode of this identity. */
+  @Override
   public int hashCode()
   {
     int ret = name.hashCode();
diff --git a/java/security/IdentityScope.java b/java/security/IdentityScope.java
index 4391fbd49..4cdccdd55 100644
--- a/java/security/IdentityScope.java
+++ b/java/security/IdentityScope.java
@@ -1,5 +1,5 @@
 /* IdentityScope.java --- IdentityScope Class
-   Copyright (C) 1999, 2003, Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2015, Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -59,6 +59,7 @@ import java.util.Enumeration;
  * @deprecated Use java.security.KeyStore, the java.security.cert package, and
  *             java.security.Principal.
  */
+@Deprecated
 public abstract class IdentityScope extends Identity
 {
   private static final long serialVersionUID = -2337346281189773310L;
@@ -209,6 +210,7 @@ public abstract class IdentityScope extends Identity
    *
    * @return a string representation of this instance.
    */
+  @Override
   public String toString()
   {
     return (super.getName() + " " + super.getScope().getName() + " " + size());
diff --git a/java/security/IntersectingDomainCombiner.java b/java/security/IntersectingDomainCombiner.java
index 9a40ce75e..f93812533 100644
--- a/java/security/IntersectingDomainCombiner.java
+++ b/java/security/IntersectingDomainCombiner.java
@@ -1,5 +1,5 @@
 /* IntersectingDomainCombiner.java --
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -62,6 +62,7 @@ final class IntersectingDomainCombiner implements DomainCombiner
   // Methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public ProtectionDomain[] combine (ProtectionDomain[] currentDomains,
                                      ProtectionDomain[] assignedDomains)
   {
diff --git a/java/security/KeyPairGenerator.java b/java/security/KeyPairGenerator.java
index 457c5a531..190a0a517 100644
--- a/java/security/KeyPairGenerator.java
+++ b/java/security/KeyPairGenerator.java
@@ -315,6 +315,7 @@ public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
    * @return a new unique {@link KeyPair}.
    * @see #genKeyPair()
    */
+  @Override
   public KeyPair generateKeyPair()
   {
     try
diff --git a/java/security/KeyPairGeneratorSpi.java b/java/security/KeyPairGeneratorSpi.java
index 1eaad9832..659f9d760 100644
--- a/java/security/KeyPairGeneratorSpi.java
+++ b/java/security/KeyPairGeneratorSpi.java
@@ -1,5 +1,5 @@
 /* KeyPairGeneratorSpi.java --- Key Pair Generator SPI Class
-   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -76,6 +76,7 @@ public abstract class KeyPairGeneratorSpi
 
      @throws InvalidAlgorithmParameterException
    */
+  @SuppressWarnings({"unused","static-method"})
   public void initialize(AlgorithmParameterSpec params, SecureRandom random)
     throws InvalidAlgorithmParameterException
   {
@@ -95,6 +96,7 @@ public abstract class KeyPairGeneratorSpi
    * We override clone here to make it accessible for use by
    * DummyKeyPairGenerator.
    */
+  @Override
   protected Object clone() throws CloneNotSupportedException
   {
     return super.clone();
diff --git a/java/security/KeyStore.java b/java/security/KeyStore.java
index 25173e543..baf9a3c94 100644
--- a/java/security/KeyStore.java
+++ b/java/security/KeyStore.java
@@ -1,5 +1,5 @@
 /* KeyStore.java --- Key Store Class
-   Copyright (C) 1999, 2002, 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2003, 2004, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -171,7 +171,7 @@ public class KeyStore
    *
    * @param type the type of keystore to create.
    * @param provider the provider to use.
-   * @return a <code>KeyStore</code> repesenting the desired type.
+   * @return a <code>KeyStore</code> representing the desired type.
    * @throws KeyStoreException if the designated type is not implemented by the
    *           given provider.
    * @throws IllegalArgumentException if either <code>type</code> or
@@ -215,6 +215,7 @@ public class KeyStore
     // Security reads every property in java.security so it
     // will return this property if it exists.
     String tmp = AccessController.doPrivileged(new PrivilegedAction<String> () {
+	@Override
         public String run()
         {
           return Security.getProperty("keystore.type");
diff --git a/java/security/MessageDigest.java b/java/security/MessageDigest.java
index a4eeab447..d4e844993 100644
--- a/java/security/MessageDigest.java
+++ b/java/security/MessageDigest.java
@@ -1,5 +1,5 @@
 /* MessageDigest.java --- The message digest interface.
-   Copyright (C) 1999, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -288,6 +288,7 @@ public abstract class MessageDigest extends MessageDigestSpi
    *
    * @return a string representation of this instance.
    */
+  @Override
   public String toString()
   {
     return (getClass()).getName() + " Message Digest <" + digestToString() + ">";
@@ -353,6 +354,7 @@ public abstract class MessageDigest extends MessageDigestSpi
    * @throws CloneNotSupportedException
    *           the implementation does not support cloning.
    */
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     return super.clone();
diff --git a/java/security/MessageDigestSpi.java b/java/security/MessageDigestSpi.java
index 63cc96047..5c16b66fd 100644
--- a/java/security/MessageDigestSpi.java
+++ b/java/security/MessageDigestSpi.java
@@ -1,5 +1,5 @@
 /* MessageDigestSpi.java --- The message digest service provider interface.
-   Copyright (C) 1999, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2005, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -76,6 +76,7 @@ public abstract class MessageDigestSpi
 
      @since 1.2
    */
+  @SuppressWarnings("static-method")
   protected int engineGetDigestLength()
   {
     return 0;
@@ -167,6 +168,7 @@ public abstract class MessageDigestSpi
      implementation has to overload this class in order to be
      cloneable.
    */
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     return super.clone();
diff --git a/java/security/Permission.java b/java/security/Permission.java
index cf6399b16..f39466f17 100644
--- a/java/security/Permission.java
+++ b/java/security/Permission.java
@@ -1,5 +1,6 @@
 /* Permission.java -- The superclass for all permission objects
-   Copyright (C) 1998, 2001, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002, 2005, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -105,6 +106,7 @@ public abstract class Permission implements Guard, Serializable
    * @see GuardedObject
    * @see SecurityManager#checkPermission(Permission)
    */
+  @Override
   public void checkGuard(Object obj)
   {
     SecurityManager sm = System.getSecurityManager();
@@ -127,6 +129,7 @@ public abstract class Permission implements Guard, Serializable
    *
    * @param obj the object to compare to
    */
+  @Override
   public abstract boolean equals(Object obj);
 
   /**
@@ -136,6 +139,7 @@ public abstract class Permission implements Guard, Serializable
    *
    * @return a hash value
    */
+  @Override
   public abstract int hashCode();
 
   /**
@@ -168,6 +172,7 @@ public abstract class Permission implements Guard, Serializable
    *
    * @return a new <code>PermissionCollection</code>
    */
+  @SuppressWarnings("static-method")
   public PermissionCollection newPermissionCollection()
   {
     return null;
@@ -181,6 +186,7 @@ public abstract class Permission implements Guard, Serializable
    *
    * @return this object as a <code>String</code>
    */
+  @Override
   public String toString()
   {
     CPStringBuilder string = new CPStringBuilder();
diff --git a/java/security/PermissionCollection.java b/java/security/PermissionCollection.java
index ef87cc7e1..64a5bd038 100644
--- a/java/security/PermissionCollection.java
+++ b/java/security/PermissionCollection.java
@@ -1,5 +1,5 @@
 /* PermissionCollection.java -- A collection of permission objects
-   Copyright (C) 1998, 2001, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002, 2005, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -156,6 +156,7 @@ public abstract class PermissionCollection implements Serializable
    *
    * @return a <code>String</code> representing this object
    */
+  @Override
   public String toString()
   {
     CPStringBuilder sb = new CPStringBuilder(super.toString());
diff --git a/java/security/Permissions.java b/java/security/Permissions.java
index 40087ba02..669d9140f 100644
--- a/java/security/Permissions.java
+++ b/java/security/Permissions.java
@@ -1,5 +1,6 @@
 /* Permissions.java -- a collection of permission collections
-   Copyright (C) 1998, 2001, 2002, 2004, 2005, 2014 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002, 2004, 2005, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,7 +39,6 @@ exception statement from your version. */
 
 package java.security;
 
-import java.io.Serializable;
 import java.util.Enumeration;
 import java.util.Hashtable;
 import java.util.NoSuchElementException;
@@ -58,7 +58,6 @@ import java.util.NoSuchElementException;
  * @since 1.1
  */
 public final class Permissions extends PermissionCollection
-  implements Serializable
 {
   /**
    * Compatible with JDK 1.1+.
@@ -159,6 +158,7 @@ public final class Permissions extends PermissionCollection
       Enumeration<PermissionCollection> mainEnum = perms.elements();
       Enumeration<Permission> subEnum;
 
+      @Override
       public boolean hasMoreElements()
       {
         if (subEnum == null)
@@ -181,6 +181,7 @@ public final class Permissions extends PermissionCollection
         return true;
       }
 
+      @Override
       public Permission nextElement()
       {
         if (! hasMoreElements())
@@ -208,8 +209,12 @@ public final class Permissions extends PermissionCollection
      *
      * @serial the stored permissions, both as key and value
      */
-    private final Hashtable<Permission,Permission> perms =
-      new Hashtable<Permission,Permission>();
+    private final Hashtable<Permission,Permission> perms;
+
+    public PermissionsHash()
+    {
+      perms = new Hashtable<Permission,Permission>();
+    }
 
     /**
      * Add a permission. We don't need to check for read-only, as this
@@ -219,7 +224,7 @@ public final class Permissions extends PermissionCollection
      * @param perm the permission to add
      */
     @Override
-    public void add(Permission perm)
+    public synchronized void add(Permission perm)
     {
       perms.put(perm, perm);
     }
@@ -230,9 +235,9 @@ public final class Permissions extends PermissionCollection
      * @param perm the permission to check
      * @return true if it is implied
      */
-    // FIXME: Should this method be synchronized?
+    // Synchronized to avoid elements being added mid-iteration
     @Override
-    public boolean implies(Permission perm)
+    public synchronized boolean implies(Permission perm)
     {
       Enumeration<Permission> elements = elements();
 
diff --git a/java/security/Policy.java b/java/security/Policy.java
index 930315bfd..9f3459c9a 100644
--- a/java/security/Policy.java
+++ b/java/security/Policy.java
@@ -274,7 +274,7 @@ public abstract class Policy
     if (pd2pc == null)
       setup(this);
 
-    PermissionCollection pc = (PermissionCollection) pd2pc.get(domain);
+    PermissionCollection pc = pd2pc.get(domain);
     if (pc != null)
       return pc.implies(permission);
 
diff --git a/java/security/Principal.java b/java/security/Principal.java
index 6d9de6ccd..a3cd851cc 100644
--- a/java/security/Principal.java
+++ b/java/security/Principal.java
@@ -1,5 +1,5 @@
 /* Principal.java -- A security entity
-   Copyright (C) 1998, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002, 2005, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -56,6 +56,7 @@ public interface Principal
    * @param obj the Object to test for equality
    * @return true if the specified <code>Principal</code> is equal
    */
+  @Override
   boolean equals(Object obj);
 
   /**
@@ -64,6 +65,7 @@ public interface Principal
    *
    * @return this <code>Principal</code> represented as a <code>String</code>
    */
+  @Override
   String toString();
 
   /**
@@ -73,6 +75,7 @@ public interface Principal
    *
    * @return a hash value
    */
+  @Override
   int hashCode();
 
   /**
diff --git a/java/security/PrivilegedActionException.java b/java/security/PrivilegedActionException.java
index 3f08c8130..bedd773dd 100644
--- a/java/security/PrivilegedActionException.java
+++ b/java/security/PrivilegedActionException.java
@@ -1,5 +1,5 @@
 /* PrivilegedActionException.java -- wrap an exception in a privileged action
-   Copyright (C) 1998, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002, 2005, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -92,18 +92,10 @@ public class PrivilegedActionException extends Exception
    * @return the cause
    * @since 1.4
    */
+  @Override
   public Throwable getCause()
   {
     return exception;
   }
 
-  /**
-   * Convert this to a String.
-   *
-   * @return the string representation
-   */
-  public String toString()
-  {
-    return super.toString();
-  }
 }
diff --git a/java/security/ProtectionDomain.java b/java/security/ProtectionDomain.java
index 7be5875dc..cbf66f356 100644
--- a/java/security/ProtectionDomain.java
+++ b/java/security/ProtectionDomain.java
@@ -1,5 +1,5 @@
 /* ProtectionDomain.java -- A security domain
-   Copyright (C) 1998, 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2003, 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -144,7 +144,7 @@ public class ProtectionDomain
 
     this.classloader = classloader;
     this.principals =
-        (principals != null ? (Principal[]) principals.clone() : new Principal[0]);
+        (principals != null ? principals.clone() : new Principal[0]);
     this.staticBinding = staticBinding;
   }
 
@@ -178,7 +178,7 @@ public class ProtectionDomain
    */
   public final Principal[] getPrincipals()
   {
-    return (Principal[]) principals.clone();
+    return principals.clone();
   }
 
   /**
@@ -217,6 +217,7 @@ public class ProtectionDomain
    *
    * @return A string representation of this object.
    */
+  @Override
   public String toString()
   {
     String linesep = SystemProperties.getProperty("line.separator");
diff --git a/java/security/Provider.java b/java/security/Provider.java
index b1d6d9ce2..c6e0deace 100644
--- a/java/security/Provider.java
+++ b/java/security/Provider.java
@@ -1,5 +1,6 @@
 /* Provider.java -- Security provider information
-   Copyright (C) 1998, 1999, 2000, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2000, 2002, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,7 +38,6 @@ exception statement from your version. */
 
 package java.security;
 
-import java.io.Serializable;
 import java.util.Properties;
 
 /**
@@ -53,7 +53,6 @@ import java.util.Properties;
  */
 public abstract class Provider
     extends Properties
-    implements Serializable
 {
   private static final long serialVersionUID = -4298000515446427739L;
 
@@ -138,6 +137,8 @@ public abstract class Provider
    * @see java.lang.Object#equals(Object)
    * @see java.util.Hashtable#get(Object)
    */
+  @Override
+  @SuppressWarnings("sync-override") // Calls super-class
   public Object put(Object key, Object value)
   {
     SecurityManager sm = System.getSecurityManager();
@@ -147,6 +148,8 @@ public abstract class Provider
   }
 
   // overrides same in java.util.Hashtable
+  @Override
+  @SuppressWarnings("sync-override") // Calls super-class
   public Object get(Object key)
   {
     return super.get(toCanonicalKey(key));
@@ -167,6 +170,8 @@ public abstract class Provider
    * @return The previous value for this key, or <code>null</code> if no
    * previous value.
    */
+  @Override
+  @SuppressWarnings("sync-override") // Calls super-class
   public Object remove(Object key)
   {
     SecurityManager sm = System.getSecurityManager();
@@ -188,6 +193,8 @@ public abstract class Provider
    * {@link SecurityManager#checkPermission(Permission)} for a
    * <code>SecurityPermission("clearProviderProperties." + name)</code>.
    */
+  @Override
+  @SuppressWarnings("sync-override") // Calls super-class
   public void clear()
   {
     SecurityManager sm = System.getSecurityManager();
@@ -203,13 +210,15 @@ public abstract class Provider
    *
    * @return A <code>String</code> representation of this object.
    */
+  @Override
+  @SuppressWarnings("sync-override") // Doesn't access collection
   public String toString()
   {
     return (getClass().getName() + ": name=" + getName() + " version=" +
             version);
   }
 
-  private Object toCanonicalKey(Object key)
+  private static Object toCanonicalKey(Object key)
   {
     if (key.getClass().isAssignableFrom(String.class)) // is it ours?
       return ((String) key).toUpperCase(); // use default locale
diff --git a/java/security/SecureClassLoader.java b/java/security/SecureClassLoader.java
index 1480b7116..c52f99472 100644
--- a/java/security/SecureClassLoader.java
+++ b/java/security/SecureClassLoader.java
@@ -1,5 +1,5 @@
 /* SecureClassLoader.java --- A Secure Class Loader
-   Copyright (C) 1999, 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -140,9 +140,9 @@ public class SecureClassLoader extends ClassLoader
    * argument to build a proper ProtectionDomain for the class
    * being defined.
    */
+  @SuppressWarnings("static-method")
   protected PermissionCollection getPermissions(CodeSource cs)
   {
-    Policy policy = Policy.getCurrentPolicy();
-    return policy.getPermissions(cs);
+    return Policy.getCurrentPolicy().getPermissions(cs);
   }
 }
diff --git a/java/security/SecureRandom.java b/java/security/SecureRandom.java
index 649966fee..d17a886d2 100644
--- a/java/security/SecureRandom.java
+++ b/java/security/SecureRandom.java
@@ -1,5 +1,5 @@
 /* SecureRandom.java --- Secure Random class implementation
-   Copyright (C) 1999, 2001, 2002, 2003, 2005, 2006, 2014
+   Copyright (C) 1999, 2001, 2002, 2003, 2005, 2006, 2014, 2015
    Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
@@ -310,7 +310,7 @@ public class SecureRandom extends Random
 
      @param seed seed bytes to seed with
    */
-  public void setSeed(byte[] seed)
+  public synchronized void setSeed(byte[] seed)
   {
     secureRandomSpi.engineSetSeed(seed);
     isSeeded = true;
@@ -322,7 +322,8 @@ public class SecureRandom extends Random
 
      @param seed 8 seed bytes to seed with
    */
-  public void setSeed(long seed)
+  @Override
+  public synchronized void setSeed(long seed)
   {
     // This particular setSeed will be called by Random.Random(), via
     // our own constructor, before secureRandomSpi is initialized.  In
@@ -351,7 +352,8 @@ public class SecureRandom extends Random
 
      @param bytes array to store generated bytes in
    */
-  public void nextBytes(byte[] bytes)
+  @Override
+  public synchronized void nextBytes(byte[] bytes)
   {
     if (!isSeeded)
       setSeed(getSeed(32));
@@ -369,6 +371,8 @@ public class SecureRandom extends Random
 
      @return the random bits
    */
+  @Override
+  @SuppressWarnings("sync-override") // nextBytes(byte[]) is synchronized
   protected final int next(int numBits)
   {
     if (numBits == 0)
@@ -404,7 +408,7 @@ public class SecureRandom extends Random
 
      @return an array containing the seed bytes
    */
-  public byte[] generateSeed(int numBytes)
+  public synchronized byte[] generateSeed(int numBytes)
   {
     return secureRandomSpi.engineGenerateSeed(numBytes);
   }
diff --git a/java/security/Security.java b/java/security/Security.java
index 6b20a7cb6..66f3ab255 100644
--- a/java/security/Security.java
+++ b/java/security/Security.java
@@ -183,6 +183,7 @@ public final class Security
    *             {@link AlgorithmParameters} and {@link KeyFactory} engine
    *             classes instead.
    */
+  @Deprecated
   public static String getAlgorithmProperty(String algName, String propName)
   {
     if (algName == null || propName == null)
@@ -322,12 +323,10 @@ public final class Security
   {
     if (name == null)
       return null;
-    else
-      {
-        name = name.trim();
-        if (name.length() == 0)
-          return null;
-      }
+    name = name.trim();
+    if (name.length() == 0)
+      return null;
+
     Provider p;
     int max = providers.size ();
     for (int i = 0; i < max; i++)
@@ -414,10 +413,10 @@ public final class Security
       return result;
 
     serviceName = serviceName.toUpperCase()+".";
-    Provider[] providers = getProviders();
+    Provider[] provs = getProviders();
     int ndx;
-    for (int i = 0; i < providers.length; i++)
-      for (String s : providers[i].stringPropertyNames())
+    for (int i = 0; i < provs.length; i++)
+      for (String s : provs[i].stringPropertyNames())
         {
           String service = s.trim();
           if (service.toUpperCase().startsWith(serviceName))
@@ -634,7 +633,7 @@ public final class Security
   private static boolean provides(Provider p, String svc, String algo,
                                   String attr, String val)
   {
-    String serviceDotAlgorithm = null;
+    String serviceDotAlgorithm = "";
     String realVal;
     boolean found = false;
     // if <svc>.<algo> <attr> is in the set then so is <svc>.<algo>
diff --git a/java/security/SecurityPermission.java b/java/security/SecurityPermission.java
index 6aba18f34..cdfd0be66 100644
--- a/java/security/SecurityPermission.java
+++ b/java/security/SecurityPermission.java
@@ -1,5 +1,5 @@
 /* SecurityPermission.java -- Class for named security permissions
-   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -171,6 +171,7 @@ public final class SecurityPermission extends BasicPermission
    * @param name the name to assign to this permission
    * @param actions ignored
    */
+  @SuppressWarnings("unused")
   public SecurityPermission(String name, String actions)
   {
     super(name);
diff --git a/java/security/Signature.java b/java/security/Signature.java
index d7186395f..29ce53512 100644
--- a/java/security/Signature.java
+++ b/java/security/Signature.java
@@ -1,5 +1,5 @@
 /* Signature.java --- Signature Class
-   Copyright (C) 1999, 2002, 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2003, 2004, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -332,8 +332,7 @@ public abstract class Signature extends SignatureSpi
   {
     if (state == SIGN)
       return engineSign();
-    else
-      throw new SignatureException();
+    throw new SignatureException();
   }
 
   /**
@@ -365,8 +364,7 @@ public abstract class Signature extends SignatureSpi
   {
     if (state == SIGN)
       return engineSign(outbuf, offset, len);
-    else
-      throw new SignatureException();
+    throw new SignatureException();
   }
 
   /**
@@ -383,8 +381,7 @@ public abstract class Signature extends SignatureSpi
   {
     if (state == VERIFY)
       return engineVerify(signature);
-    else
-      throw new SignatureException();
+    throw new SignatureException();
   }
 
   /**
@@ -510,6 +507,7 @@ public abstract class Signature extends SignatureSpi
    *
    * @return a rstring representation of this instance.
    */
+  @Override
   public String toString()
   {
     return (algorithm + " Signature");
@@ -527,6 +525,7 @@ public abstract class Signature extends SignatureSpi
    *           can not be changed, a security exception occured, etc.
    * @deprecated use the other setParameter
    */
+  @Deprecated
   public final void setParameter(String param, Object value)
     throws InvalidParameterException
   {
@@ -573,6 +572,7 @@ public abstract class Signature extends SignatureSpi
    *           if the parameter is invalid.
    * @deprecated use the other getParameter
    */
+  @Deprecated
   public final Object getParameter(String param)
     throws InvalidParameterException
   {
@@ -586,6 +586,7 @@ public abstract class Signature extends SignatureSpi
    * @throws CloneNotSupportedException
    *           if the implementation does not support cloning.
    */
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     return super.clone();
diff --git a/java/security/SignatureSpi.java b/java/security/SignatureSpi.java
index 11ce551a0..491a183ed 100644
--- a/java/security/SignatureSpi.java
+++ b/java/security/SignatureSpi.java
@@ -250,6 +250,7 @@ public abstract class SignatureSpi
    *           cannot be changed, a security exception occured, etc.
    * @deprecated use the other setParameter.
    */
+  @Deprecated
   protected abstract void engineSetParameter(String param, Object value)
     throws InvalidParameterException;
 
@@ -266,6 +267,7 @@ public abstract class SignatureSpi
    *           if the parameter is invalid, the parameter is already set and
    *           cannot be changed, a security exception occured, etc.
    */
+  @SuppressWarnings({"unused","static-method"})
   protected void engineSetParameter(AlgorithmParameterSpec params)
     throws InvalidAlgorithmParameterException
   {
@@ -284,6 +286,7 @@ public abstract class SignatureSpi
    * @throws UnsupportedOperationException
    *           always.
    */
+  @SuppressWarnings("static-method")
   protected AlgorithmParameters engineGetParameters()
   {
     throw new UnsupportedOperationException();
@@ -299,6 +302,7 @@ public abstract class SignatureSpi
    *           if the parameter is invalid.
    * @deprecated use the other getParameter
    */
+  @Deprecated
   protected abstract Object engineGetParameter(String param)
     throws InvalidParameterException;
 
diff --git a/java/security/SignedObject.java b/java/security/SignedObject.java
index 79f551cce..2f09cb05b 100644
--- a/java/security/SignedObject.java
+++ b/java/security/SignedObject.java
@@ -1,5 +1,5 @@
 /* SignedObject.java --- Signed Object Class
-   Copyright (C) 1999, 2003, Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -155,7 +155,7 @@ public final class SignedObject implements Serializable
    */
   public byte[] getSignature()
   {
-    return (byte[]) signature.clone();
+    return signature.clone();
 
   }
 
@@ -197,7 +197,7 @@ public final class SignedObject implements Serializable
     throws IOException, ClassNotFoundException
   {
     s.defaultReadObject();
-    content = (byte[]) content.clone();
-    signature = (byte[]) signature.clone();
+    content = content.clone();
+    signature = signature.clone();
   }
 }
diff --git a/java/security/Signer.java b/java/security/Signer.java
index 18259c863..faf73f771 100644
--- a/java/security/Signer.java
+++ b/java/security/Signer.java
@@ -1,5 +1,5 @@
 /* Signer.java --- Signer Class
-   Copyright (C) 1999, 2003, Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -45,6 +45,7 @@ package java.security;
  * @deprecated Replaced by <code>java.security.KeyStore</code>, the
  * <code>java.security.cert</code> package, and <code>java.security.Principal</code>.
  */
+@Deprecated
 public abstract class Signer extends Identity
 {
   private static final long serialVersionUID = -1763464102261361480L;
@@ -141,6 +142,7 @@ public abstract class Signer extends Identity
   }
 
   /** @returns a string representing this <code>Signer</code>. */
+  @Override
   public String toString()
   {
     return (getName() + ": " + privateKey);
diff --git a/java/security/UnresolvedPermission.java b/java/security/UnresolvedPermission.java
index d7af92211..73ffc0b58 100644
--- a/java/security/UnresolvedPermission.java
+++ b/java/security/UnresolvedPermission.java
@@ -246,7 +246,7 @@ public final class UnresolvedPermission extends Permission
   {
     if (certs == null)
       return null;
-    return (Certificate[]) certs.clone();
+    return certs.clone();
   }
 } // class UnresolvedPermission
 
@@ -322,6 +322,7 @@ class UnresolvedPermissionCollection extends PermissionCollection
       Enumeration<Vector<Permission>> mainEnum = permissions.elements();
       Enumeration<Permission> subEnum;
 
+      @Override
       public boolean hasMoreElements()
       {
         if (subEnum == null)
@@ -344,6 +345,7 @@ class UnresolvedPermissionCollection extends PermissionCollection
         return true;
       }
 
+      @Override
       public Permission nextElement()
       {
         if (! hasMoreElements())
diff --git a/java/security/acl/Acl.java b/java/security/acl/Acl.java
index 10a59fdf5..dd1b60193 100644
--- a/java/security/acl/Acl.java
+++ b/java/security/acl/Acl.java
@@ -1,5 +1,5 @@
 /* Acl.java -- An access control list
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -149,5 +149,6 @@ public interface Acl extends Owner
    *
    * @return A <code>String</code> representation of this ACL
    */
+  @Override
   String toString();
 }
diff --git a/java/security/acl/AclEntry.java b/java/security/acl/AclEntry.java
index 47154b285..a0982da92 100644
--- a/java/security/acl/AclEntry.java
+++ b/java/security/acl/AclEntry.java
@@ -1,5 +1,5 @@
 /* AclEntry.java -- An entry in an ACL list.
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -72,7 +72,8 @@ public interface AclEntry extends Cloneable
    *
    * @param user The <code>Principal</code> for this ACL entry
    *
-   * @return <code>true</code> if the <code>Principal</code> was successfully set or <code>false</code> if this entry already has a <code>Principal</code>.
+   * @return <code>true</code> if the <code>Principal</code> was successfully
+   *         set or <code>false</code> if this entry already has a <code>Principal</code>.
    */
   boolean setPrincipal(Principal user);
 
@@ -96,7 +97,8 @@ public interface AclEntry extends Cloneable
    *
    * @param permission The <code>Permission</code> to add
    *
-   * @return <code>true</code> if the permission was added or <code>false</code> if it was already set for this entry
+   * @return <code>true</code> if the permission was added or
+   *         <code>false</code> if it was already set for this entry
    */
   boolean addPermission(Permission permission);
 
@@ -105,7 +107,9 @@ public interface AclEntry extends Cloneable
    *
    * @param perm The <code>Permission</code> to delete from this ACL entry.
    *
-   * @return <code>true</code> if the permission was successfully deleted or <code>false</code> if the permission was not part of this ACL to begin with
+   * @return <code>true</code> if the permission was successfully deleted
+   *         or <code>false</code> if the permission was not part of this
+   *         ACL to begin with
    */
   boolean removePermission(Permission perm);
 
@@ -115,7 +119,8 @@ public interface AclEntry extends Cloneable
    *
    * @param permission The <code>Permission</code> to test
    *
-   * @return <code>true</code> if this permission is associated with this entry or <code>false</code> otherwise
+   * @return <code>true</code> if this permission is associated
+   *         with this entry or <code>false</code> otherwise
    */
   boolean checkPermission(Permission permission);
 
@@ -132,6 +137,7 @@ public interface AclEntry extends Cloneable
    *
    * @return A <code>String</code> representation of this object
    */
+  @Override
   String toString();
 
   /**
diff --git a/java/security/acl/Permission.java b/java/security/acl/Permission.java
index e5ba29138..663be09bd 100644
--- a/java/security/acl/Permission.java
+++ b/java/security/acl/Permission.java
@@ -1,5 +1,5 @@
 /* Permission.java -- Information about an ACL permission
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -56,6 +56,7 @@ public interface Permission
    *
    * @return <code>true</code> if the specified permission is the same as this one, <code>false</code> otherwise
    */
+  @Override
   boolean equals (Object perm);
 
   /**
@@ -63,5 +64,6 @@ public interface Permission
    *
    * @return A <code>String</code> representing this permission.
    */
+  @Override
   String toString();
 }
diff --git a/java/security/cert/CRL.java b/java/security/cert/CRL.java
index 1eaa70fa9..618aa4566 100644
--- a/java/security/cert/CRL.java
+++ b/java/security/cert/CRL.java
@@ -1,5 +1,5 @@
 /* CRL.java --- Certificate Revocation List
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -81,6 +81,7 @@ public abstract class CRL
 
      @return a string representing the CRL.
   */
+  @Override
   public abstract String toString();
 
   /**
diff --git a/java/security/cert/CertPath.java b/java/security/cert/CertPath.java
index 5c9a12ab9..221c267d6 100644
--- a/java/security/cert/CertPath.java
+++ b/java/security/cert/CertPath.java
@@ -1,5 +1,5 @@
 /* CertPath.java -- a sequence of certificates
-   Copyright (C) 2002, 2005, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2002, 2005, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -173,6 +173,7 @@ public abstract class CertPath implements Serializable
    * @param o the object to compare to
    * @return true if the two are equal
    */
+  @Override
   public boolean equals(Object o)
   {
     if (! (o instanceof CertPath))
@@ -188,11 +189,13 @@ public abstract class CertPath implements Serializable
    *
    * @return the hashcode
    */
+  @Override
   public int hashCode()
   {
     return 31 * type.hashCode() + getCertificates().hashCode();
   }
 
+  @Override
   public String toString()
   {
     List<? extends Certificate> l = getCertificates();
diff --git a/java/security/cert/CertPathBuilderException.java b/java/security/cert/CertPathBuilderException.java
index 985151010..5906dae93 100644
--- a/java/security/cert/CertPathBuilderException.java
+++ b/java/security/cert/CertPathBuilderException.java
@@ -1,6 +1,6 @@
 /* CertPathBuilderException.java -- wraps an exception during certificate
    path building
-   Copyright (C) 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2002, 2005, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,8 +39,6 @@ exception statement from your version. */
 
 package java.security.cert;
 
-import java.io.PrintStream;
-import java.io.PrintWriter;
 import java.security.GeneralSecurityException;
 
 /**
@@ -84,7 +82,7 @@ public class CertPathBuilderException extends GeneralSecurityException
    */
   public CertPathBuilderException(Throwable cause)
   {
-    this(cause == null ? null : cause.toString(), cause);
+    super(cause);
   }
 
   /**
@@ -95,65 +93,7 @@ public class CertPathBuilderException extends GeneralSecurityException
    */
   public CertPathBuilderException(String msg, Throwable cause)
   {
-    super(msg);
-    initCause(cause);
-  }
-
-  /**
-   * Get the detail message.
-   *
-   * @return the detail message
-   */
-  public String getMessage()
-  {
-    return super.getMessage();
-  }
-
-  /**
-   * Get the cause, null if unknown.
-   *
-   * @return the cause
-   */
-  public Throwable getCause()
-  {
-    return super.getCause();
+    super(msg, cause);
   }
 
-  /**
-   * Convert this to a string, including its cause.
-   *
-   * @return the string conversion
-   */
-  public String toString()
-  {
-    return super.toString();
-  }
-
-  /**
-   * Print the stack trace to <code>System.err</code>.
-   */
-  public void printStackTrace()
-  {
-    super.printStackTrace();
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintStream stream)
-  {
-    super.printStackTrace(stream);
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintWriter stream)
-  {
-    super.printStackTrace(stream);
-  }
 }
diff --git a/java/security/cert/CertPathValidatorException.java b/java/security/cert/CertPathValidatorException.java
index f3195be29..23f19b081 100644
--- a/java/security/cert/CertPathValidatorException.java
+++ b/java/security/cert/CertPathValidatorException.java
@@ -1,6 +1,6 @@
 /* CertPathValidatorException.java -- wraps an exception during validation
    of a CertPath
-   Copyright (C) 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2002, 2005, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,8 +39,6 @@ exception statement from your version. */
 
 package java.security.cert;
 
-import java.io.PrintStream;
-import java.io.PrintWriter;
 import java.security.GeneralSecurityException;
 
 /**
@@ -135,8 +133,7 @@ public class CertPathValidatorException extends GeneralSecurityException
   public CertPathValidatorException(String msg, Throwable cause,
                                     CertPath certPath, int index)
   {
-    super(msg);
-    initCause(cause);
+    super(msg, cause);
     if (index < -1 || (certPath != null
                        && index >= certPath.getCertificates().size()))
       throw new IndexOutOfBoundsException();
@@ -147,16 +144,6 @@ public class CertPathValidatorException extends GeneralSecurityException
   }
 
   /**
-   * Get the detail message.
-   *
-   * @return the detail message
-   */
-  public String getMessage()
-  {
-    return super.getMessage();
-  }
-
-  /**
    * Get the certificate path that had the failure, or null.
    *
    * @return the culprit path
@@ -176,51 +163,4 @@ public class CertPathValidatorException extends GeneralSecurityException
     return index;
   }
 
-  /**
-   * Get the cause, null if unknown.
-   *
-   * @return the cause
-   */
-  public Throwable getCause()
-  {
-    return super.getCause();
-  }
-
-  /**
-   * Convert this to a string, including its cause.
-   *
-   * @return the string conversion
-   */
-  public String toString()
-  {
-    return super.toString();
-  }
-
-  /**
-   * Print the stack trace to <code>System.err</code>.
-   */
-  public void printStackTrace()
-  {
-    super.printStackTrace();
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintStream stream)
-  {
-    super.printStackTrace(stream);
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintWriter stream)
-  {
-    super.printStackTrace(stream);
-  }
 }
diff --git a/java/security/cert/CertStoreException.java b/java/security/cert/CertStoreException.java
index a4d8b7a46..c243bb42c 100644
--- a/java/security/cert/CertStoreException.java
+++ b/java/security/cert/CertStoreException.java
@@ -1,5 +1,5 @@
 /* CertStoreException.java -- wraps an exception during certificate storage
-   Copyright (C) 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2002, 2005, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,8 +38,6 @@ exception statement from your version. */
 
 package java.security.cert;
 
-import java.io.PrintStream;
-import java.io.PrintWriter;
 import java.security.GeneralSecurityException;
 
 /**
@@ -84,7 +82,7 @@ public class CertStoreException extends GeneralSecurityException
    */
   public CertStoreException(Throwable cause)
   {
-    this(cause == null ? null : cause.toString(), cause);
+    super(cause);
   }
 
   /**
@@ -95,65 +93,7 @@ public class CertStoreException extends GeneralSecurityException
    */
   public CertStoreException(String msg, Throwable cause)
   {
-    super(msg);
-    initCause(cause);
-  }
-
-  /**
-   * Get the detail message.
-   *
-   * @return the detail message
-   */
-  public String getMessage()
-  {
-    return super.getMessage();
-  }
-
-  /**
-   * Get the cause, null if unknown.
-   *
-   * @return the cause
-   */
-  public Throwable getCause()
-  {
-    return super.getCause();
+    super(msg, cause);
   }
 
-  /**
-   * Convert this to a string, including its cause.
-   *
-   * @return the string conversion
-   */
-  public String toString()
-  {
-    return super.toString();
-  }
-
-  /**
-   * Print the stack trace to <code>System.err</code>.
-   */
-  public void printStackTrace()
-  {
-    super.printStackTrace();
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintStream stream)
-  {
-    super.printStackTrace(stream);
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintWriter stream)
-  {
-    super.printStackTrace(stream);
-  }
 }
diff --git a/java/security/cert/CertStoreSpi.java b/java/security/cert/CertStoreSpi.java
index a47978a22..85de3ae5b 100644
--- a/java/security/cert/CertStoreSpi.java
+++ b/java/security/cert/CertStoreSpi.java
@@ -1,5 +1,5 @@
 /* CertStoreSpi -- certificate store service provider interface.
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -69,6 +69,7 @@ public abstract class CertStoreSpi
    * @throws InvalidAlgorithmParameterException If the specified
    *         parameters are inappropriate for this class.
    */
+  @SuppressWarnings("unused")
   public CertStoreSpi(CertStoreParameters params)
     throws InvalidAlgorithmParameterException
   {
diff --git a/java/security/cert/Certificate.java b/java/security/cert/Certificate.java
index be1713cbf..b9abe8e65 100644
--- a/java/security/cert/Certificate.java
+++ b/java/security/cert/Certificate.java
@@ -1,5 +1,5 @@
 /* Certificate.java --- Certificate class
-   Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2004, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -107,6 +107,7 @@ public abstract class Certificate implements Serializable
 
      @return true if equal, false otherwise
   */
+  @Override
   public boolean equals(Object other)
   {
     if( other instanceof Certificate ) {
@@ -136,6 +137,7 @@ public abstract class Certificate implements Serializable
 
      @return A hash code of this class
   */
+  @Override
   public int hashCode()
   {
     return super.hashCode();
@@ -198,6 +200,7 @@ public abstract class Certificate implements Serializable
 
      @return a string representing the Certificate.
   */
+  @Override
   public abstract String toString();
 
 
diff --git a/java/security/cert/CertificateFactorySpi.java b/java/security/cert/CertificateFactorySpi.java
index 2c9ca5d38..2b5bb529c 100644
--- a/java/security/cert/CertificateFactorySpi.java
+++ b/java/security/cert/CertificateFactorySpi.java
@@ -1,5 +1,5 @@
 /* CertificateFactorySpi.java --- Certificate Factory Class
-   Copyright (C) 1999,2003 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -172,6 +172,7 @@ public abstract class CertificateFactorySpi
    * @throws CertificateException If an error occurs decoding the
    * CertPath.
    */
+  @SuppressWarnings({"unused","static-method"})
   public CertPath engineGenerateCertPath(InputStream inStream)
     throws CertificateException
   {
@@ -188,6 +189,7 @@ public abstract class CertificateFactorySpi
    * @throws CertificateException If an error occurs decoding the
    *   CertPath.
    */
+  @SuppressWarnings({"unused","static-method"})
   public CertPath engineGenerateCertPath(InputStream inStream, String encoding)
     throws CertificateException
   {
@@ -204,6 +206,7 @@ public abstract class CertificateFactorySpi
    * @throws CertificateException If an error occurs generating the
    *   CertPath.
    */
+  @SuppressWarnings({"unused","static-method"})
   public CertPath engineGenerateCertPath(List<? extends Certificate> certificates)
     throws CertificateException
   {
@@ -217,6 +220,7 @@ public abstract class CertificateFactorySpi
    *
    * @return The Iterator of supported encodings.
    */
+  @SuppressWarnings("static-method")
   public Iterator<String> engineGetCertPathEncodings()
   {
     throw new UnsupportedOperationException("not implemented");
diff --git a/java/security/cert/CollectionCertStoreParameters.java b/java/security/cert/CollectionCertStoreParameters.java
index 6edaf7677..ace8eccbc 100644
--- a/java/security/cert/CollectionCertStoreParameters.java
+++ b/java/security/cert/CollectionCertStoreParameters.java
@@ -115,6 +115,7 @@ public class CollectionCertStoreParameters implements CertStoreParameters
    *
    * @return The string representation of these parameters.
    */
+  @Override
   public String toString()
   {
     return "CollectionCertStoreParameters: [ collection: "
diff --git a/java/security/cert/LDAPCertStoreParameters.java b/java/security/cert/LDAPCertStoreParameters.java
index f2dff764a..615b80853 100644
--- a/java/security/cert/LDAPCertStoreParameters.java
+++ b/java/security/cert/LDAPCertStoreParameters.java
@@ -1,5 +1,5 @@
 /* LDAPCertStoreParameters.java -- LDAP CertStore parameters.
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -102,6 +102,7 @@ public class LDAPCertStoreParameters implements CertStoreParameters
   // Instance methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public Object clone()
   {
     return new LDAPCertStoreParameters(serverName, port);
@@ -132,6 +133,7 @@ public class LDAPCertStoreParameters implements CertStoreParameters
    *
    * @return The string representation of these parameters.
    */
+  @Override
   public String toString()
   {
     return "LDAPCertStoreParameters: [ serverName: " + serverName
diff --git a/java/security/cert/PKIXBuilderParameters.java b/java/security/cert/PKIXBuilderParameters.java
index 3a29b5218..47f8484df 100644
--- a/java/security/cert/PKIXBuilderParameters.java
+++ b/java/security/cert/PKIXBuilderParameters.java
@@ -1,5 +1,5 @@
 /* PKIXBuilderParameters.java -- parameters for PKIX cert path builders
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -140,6 +140,7 @@ public class PKIXBuilderParameters extends PKIXParameters
     this.maxPathLength = maxPathLength;
   }
 
+  @Override
   public String toString()
   {
     CPStringBuilder buf = new CPStringBuilder(super.toString());
diff --git a/java/security/cert/PKIXCertPathBuilderResult.java b/java/security/cert/PKIXCertPathBuilderResult.java
index 52984b543..779983339 100644
--- a/java/security/cert/PKIXCertPathBuilderResult.java
+++ b/java/security/cert/PKIXCertPathBuilderResult.java
@@ -1,5 +1,5 @@
 /* PKIXCertPathBuilderResult.java -- PKIX cert path bulider result
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -90,11 +90,13 @@ public class PKIXCertPathBuilderResult extends PKIXCertPathValidatorResult
    *
    * @return The certificate path that was built.
    */
+  @Override
   public CertPath getCertPath()
   {
     return certPath;
   }
 
+  @Override
   public String toString()
   {
     CPStringBuilder buf = new CPStringBuilder(super.toString());
diff --git a/java/security/cert/PKIXCertPathChecker.java b/java/security/cert/PKIXCertPathChecker.java
index 0bedf401a..b33117f84 100644
--- a/java/security/cert/PKIXCertPathChecker.java
+++ b/java/security/cert/PKIXCertPathChecker.java
@@ -1,5 +1,5 @@
 /* PKIXCertPathChecker.java -- checks X.509 certificate paths.
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -76,6 +76,7 @@ public abstract class PKIXCertPathChecker implements Cloneable
   // Cloneable interface.
   // ------------------------------------------------------------------------
 
+  @Override
   public Object clone()
   {
     try
diff --git a/java/security/cert/PKIXCertPathValidatorResult.java b/java/security/cert/PKIXCertPathValidatorResult.java
index 17b5c86f8..2b1f05edb 100644
--- a/java/security/cert/PKIXCertPathValidatorResult.java
+++ b/java/security/cert/PKIXCertPathValidatorResult.java
@@ -1,5 +1,5 @@
 /* PKIXCertPathValidatorResult.java -- PKIX cert path builder result
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -123,6 +123,7 @@ public class PKIXCertPathValidatorResult implements CertPathValidatorResult
    *
    * @return The copy.
    */
+  @Override
   public Object clone()
   {
     return new PKIXCertPathValidatorResult(trustAnchor, policyTree,
@@ -134,6 +135,7 @@ public class PKIXCertPathValidatorResult implements CertPathValidatorResult
    *
    * @return A printable string representation of this result.
    */
+  @Override
   public String toString()
   {
     return "[ Trust Anchor=" + trustAnchor + "; Policy Tree="
diff --git a/java/security/cert/PKIXParameters.java b/java/security/cert/PKIXParameters.java
index 1778d6127..33ba297b6 100644
--- a/java/security/cert/PKIXParameters.java
+++ b/java/security/cert/PKIXParameters.java
@@ -521,6 +521,7 @@ public class PKIXParameters implements CertPathParameters
    *
    * @return The copy.
    */
+  @Override
   public Object clone()
   {
     return new PKIXParameters(this);
@@ -531,6 +532,7 @@ public class PKIXParameters implements CertPathParameters
    *
    * @return A printable representation of these parameters.
    */
+  @Override
   public String toString() {
     return "[ Trust Anchors: " + trustAnchors + "; Initial Policy OIDs="
       + (initPolicies != null ? initPolicies.toString() : "any")
diff --git a/java/security/cert/PolicyQualifierInfo.java b/java/security/cert/PolicyQualifierInfo.java
index b53faa935..07530d3b3 100644
--- a/java/security/cert/PolicyQualifierInfo.java
+++ b/java/security/cert/PolicyQualifierInfo.java
@@ -1,5 +1,5 @@
 /* PolicyQualifierInfo.java -- policy qualifier info object.
-   Copyright (C) 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -102,7 +102,7 @@ PolicyQualifierId ::= OBJECT IDENTIFIER
   {
     if (encoded == null)
       throw new IOException("null bytes");
-    this.encoded = (byte[]) encoded.clone();
+    this.encoded = encoded.clone();
     DERReader in = new DERReader(new ByteArrayInputStream(this.encoded));
     DERValue qualInfo = in.read();
     if (!qualInfo.isConstructed())
@@ -139,7 +139,7 @@ PolicyQualifierId ::= OBJECT IDENTIFIER
    */
   public final byte[] getEncoded()
   {
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
   /**
@@ -161,6 +161,7 @@ PolicyQualifierId ::= OBJECT IDENTIFIER
    *
    * @return The string representation.
    */
+  @Override
   public String toString()
   {
     return "PolicyQualifierInfo { policyQualifierId ::= " + oid
diff --git a/java/security/cert/TrustAnchor.java b/java/security/cert/TrustAnchor.java
index 2110ed518..f0537d2ef 100644
--- a/java/security/cert/TrustAnchor.java
+++ b/java/security/cert/TrustAnchor.java
@@ -1,5 +1,5 @@
 /* TrustAnchor.java -- an ultimately-trusted certificate.
-   Copyright (C) 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,6 +40,7 @@ package java.security.cert;
 
 import gnu.java.security.x509.X500DistinguishedName;
 
+import java.io.IOException;
 import java.security.PublicKey;
 
 /**
@@ -87,7 +88,7 @@ public class TrustAnchor
     caName = null;
     caKey = null;
     if (nameConstraints != null)
-      this.nameConstraints = (byte[]) nameConstraints.clone();
+      this.nameConstraints = nameConstraints.clone();
     else
       this.nameConstraints = null;
   }
@@ -102,6 +103,10 @@ public class TrustAnchor
    * @params caName The CA's distinguished name.
    * @params caKey The CA's public key.
    * @params nameConstraints The encoded nameConstraints.
+   * @throws NullPointerException if the specified CA name or key is
+   *         {@code null}.
+   * @throws IllegalArgumentException if the CA name is of zero length or
+   *         incorrectly formatted, or the name constraints can't be decoded.
    */
   public TrustAnchor(String caName, PublicKey caKey, byte[] nameConstraints)
   {
@@ -110,10 +115,17 @@ public class TrustAnchor
     if (caName.length() == 0)
       throw new IllegalArgumentException();
     trustedCert = null;
-    this.caName = new X500DistinguishedName(caName);
+    try
+      {
+	this.caName = new X500DistinguishedName(caName);
+      }
+    catch (IOException ex)
+      {
+	throw new IllegalArgumentException("Couldn't parse name", ex);
+      }
     this.caKey = caKey;
     if (nameConstraints != null)
-      this.nameConstraints = (byte[]) nameConstraints.clone();
+      this.nameConstraints = nameConstraints.clone();
     else
       this.nameConstraints = null;
   }
@@ -167,7 +179,7 @@ public class TrustAnchor
   {
     if (nameConstraints == null)
       return null;
-    return (byte[]) nameConstraints.clone();
+    return nameConstraints.clone();
   }
 
   /**
@@ -175,6 +187,7 @@ public class TrustAnchor
    *
    * @return The printable representation.
    */
+  @Override
   public String toString()
   {
     if (trustedCert == null)
diff --git a/java/security/cert/X509CRL.java b/java/security/cert/X509CRL.java
index 895ba33e7..3e4a4e96b 100644
--- a/java/security/cert/X509CRL.java
+++ b/java/security/cert/X509CRL.java
@@ -1,5 +1,5 @@
 /* X509CRL.java --- X.509 Certificate Revocation List
-   Copyright (C) 1999, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -119,6 +119,7 @@ public abstract class X509CRL extends CRL implements X509Extension
 
      @return true if equal, false otherwise
   */
+  @Override
   public boolean equals(Object other)
   {
     if( other instanceof X509CRL ) {
@@ -148,6 +149,7 @@ public abstract class X509CRL extends CRL implements X509Extension
 
      @return A hash code of this class
   */
+  @Override
   public int hashCode()
   {
     return super.hashCode();
@@ -390,6 +392,7 @@ public abstract class X509CRL extends CRL implements X509Extension
    * @return The issuer's X.500 distinguished name.
    * @since JDK 1.4
    */
+  @SuppressWarnings("static-method")
   public X500Principal getIssuerX500Principal()
   {
     throw new UnsupportedOperationException();
diff --git a/java/security/cert/X509CRLEntry.java b/java/security/cert/X509CRLEntry.java
index ac5ef4714..d8f00187f 100644
--- a/java/security/cert/X509CRLEntry.java
+++ b/java/security/cert/X509CRLEntry.java
@@ -1,5 +1,5 @@
 /* X509CRLEntry.java --- X.509 Certificate Revocation List Entry
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -89,6 +89,7 @@ public abstract class X509CRLEntry implements X509Extension
 
      @return true if equal, false otherwise
   */
+  @Override
   public boolean equals(Object other)
   {
     if( other instanceof X509CRLEntry ) {
@@ -118,6 +119,7 @@ public abstract class X509CRLEntry implements X509Extension
 
      @return A hash code of this class
   */
+  @Override
   public int hashCode()
   {
     return super.hashCode();
@@ -164,6 +166,7 @@ public abstract class X509CRLEntry implements X509Extension
 
      @return a string representing this X509CRLEntry.
   */
+  @Override
   public abstract String toString();
 
 }
diff --git a/java/security/cert/X509CRLSelector.java b/java/security/cert/X509CRLSelector.java
index 1ac5c640b..81817da1d 100644
--- a/java/security/cert/X509CRLSelector.java
+++ b/java/security/cert/X509CRLSelector.java
@@ -1,5 +1,5 @@
 /* X509CRLSelector.java -- selects X.509 CRLs by criteria.
-   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -72,7 +72,7 @@ import javax.security.auth.x500.X500Principal;
  * @author Casey Marshall (csm@gnu.org)
  * @since 1.4
  */
-public class X509CRLSelector implements CRLSelector, Cloneable
+public class X509CRLSelector implements CRLSelector
 {
 
   // Fields.
@@ -235,8 +235,7 @@ public class X509CRLSelector implements CRLSelector, Cloneable
 	  iNames.add(principal.getName());
 	return Collections.unmodifiableList(iNames);
       }
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -339,6 +338,7 @@ public class X509CRLSelector implements CRLSelector, Cloneable
    *
    * @return The string.
    */
+  @Override
   public String toString()
   {
     CPStringBuilder str = new CPStringBuilder(X509CRLSelector.class.getName());
@@ -367,6 +367,7 @@ public class X509CRLSelector implements CRLSelector, Cloneable
    * @param _crl The CRL being checked.
    * @return True if the CRL matches, false otherwise.
    */
+  @Override
   public boolean match(CRL _crl)
   {
     if (!(_crl instanceof X509CRL))
@@ -433,6 +434,7 @@ public class X509CRLSelector implements CRLSelector, Cloneable
    *
    * @return The copy.
    */
+  @Override
   public Object clone()
   {
     try
diff --git a/java/security/cert/X509CertSelector.java b/java/security/cert/X509CertSelector.java
index ef8123bf7..ccdb3344d 100644
--- a/java/security/cert/X509CertSelector.java
+++ b/java/security/cert/X509CertSelector.java
@@ -1,5 +1,5 @@
 /* X509CertSelector.java -- selects X.509 certificates by criteria.
-   Copyright (C) 2004, 2005, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -47,7 +47,6 @@ import gnu.java.security.x509.ext.Extension;
 import gnu.java.security.x509.ext.GeneralName;
 import gnu.java.security.x509.ext.GeneralSubtree;
 import gnu.java.security.x509.ext.NameConstraints;
-import gnu.java.security.x509.ext.GeneralName.Kind;
 
 import java.io.IOException;
 import java.math.BigInteger;
@@ -87,7 +86,7 @@ import javax.security.auth.x500.X500Principal;
  * @author Casey Marshall (csm@gnu.org)
  * @since 1.4
  */
-public class X509CertSelector implements CertSelector, Cloneable
+public class X509CertSelector implements CertSelector
 {
 
   // Constants and fields.
@@ -107,7 +106,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     byte[] nameBytes = null;
     GeneralName.Kind kind = GeneralName.Kind.forTag(id);
-    switch (Kind.forTag(id))
+    switch (kind)
     {
       case dNSName:
       case rfc822Name:
@@ -133,6 +132,7 @@ public class X509CertSelector implements CertSelector, Cloneable
       case ediPartyName:
       case x400Address:
       case otherName:
+      default:
         throw new IOException("cannot decode string representation of "
                               + kind);
     }
@@ -259,6 +259,7 @@ public class X509CertSelector implements CertSelector, Cloneable
     altNames.add(generalName);
   }
 
+  @Override
   public Object clone()
   {
     try
@@ -281,9 +282,8 @@ public class X509CertSelector implements CertSelector, Cloneable
   public byte[] getAuthorityKeyIdentifier()
   {
     if (authKeyId != null)
-      return (byte[]) authKeyId.clone();
-    else
-      return null;
+      return authKeyId.clone();
+    return null;
   }
 
   /**
@@ -317,8 +317,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (certValid != null)
       return (Date) certValid.clone();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -332,8 +331,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (keyPurposeSet != null)
       return Collections.unmodifiableSet(keyPurposeSet);
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -346,8 +344,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (issuer != null)
       return issuer.getEncoded();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -360,8 +357,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (issuer != null)
       return issuer.getName();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -373,9 +369,8 @@ public class X509CertSelector implements CertSelector, Cloneable
   public boolean[] getKeyUsage()
   {
     if (keyUsage != null)
-      return (boolean[]) keyUsage.clone();
-    else
-      return null;
+      return keyUsage.clone();
+    return null;
   }
 
   /**
@@ -400,9 +395,8 @@ public class X509CertSelector implements CertSelector, Cloneable
   public byte[] getNameConstraints()
   {
     if (nameConstraints != null)
-      return (byte[]) nameConstraints.clone();
-    else
-      return null;
+      return nameConstraints.clone();
+    return null;
   }
 
   public Collection<List<?>> getPathToNames()
@@ -413,7 +407,7 @@ public class X509CertSelector implements CertSelector, Cloneable
         for (GeneralName name : pathToNames)
           {
             List<Object> n = new ArrayList<Object>(2);
-            n.add(name.kind().tag());
+            n.add(Integer.valueOf(name.kind().tag()));
             n.add(name.name());
             names.add(n);
           }
@@ -456,6 +450,7 @@ public class X509CertSelector implements CertSelector, Cloneable
    *
    * @return Null.
    */
+  @SuppressWarnings("static-method")
   public Date getPrivateKeyValid()
   {
     return null;
@@ -489,7 +484,7 @@ public class X509CertSelector implements CertSelector, Cloneable
         for (GeneralName name : altNames)
           {
             List<Object> n = new ArrayList<Object>(2);
-            n.add(name.kind().tag());
+            n.add(Integer.valueOf(name.kind().tag()));
             n.add(name.name());
             names.add(n);
           }
@@ -508,8 +503,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (subject != null)
       return subject.getEncoded();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -522,8 +516,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (subject != null)
       return subject.getName();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -536,9 +529,8 @@ public class X509CertSelector implements CertSelector, Cloneable
   public byte[] getSubjectKeyIdentifier()
   {
     if (subjectKeyId != null)
-      return (byte[]) subjectKeyId.clone();
-    else
-      return null;
+      return subjectKeyId.clone();
+    return null;
   }
 
   /**
@@ -571,17 +563,18 @@ public class X509CertSelector implements CertSelector, Cloneable
    * @param certificate The certificate to check.
    * @return true if the certificate matches all criteria.
    */
+  @Override
   public boolean match(Certificate certificate)
   {
     if (!(certificate instanceof X509Certificate))
       return false;
-    X509Certificate cert = (X509Certificate) certificate;
-    if (this.cert != null)
+    X509Certificate other = (X509Certificate) certificate;
+    if (cert != null)
       {
         try
           {
-            byte[] e1 = this.cert.getEncoded();
-            byte[] e2 = cert.getEncoded();
+            byte[] e1 = cert.getEncoded();
+            byte[] e2 = other.getEncoded();
             if (!Arrays.equals(e1, e2))
               return false;
           }
@@ -592,14 +585,14 @@ public class X509CertSelector implements CertSelector, Cloneable
       }
     if (serialNo != null)
       {
-        if (!serialNo.equals(cert.getSerialNumber()))
+        if (!serialNo.equals(other.getSerialNumber()))
           return false;
       }
     if (certValid != null)
       {
         try
           {
-            cert.checkValidity(certValid);
+            other.checkValidity(certValid);
           }
         catch (CertificateException ce)
           {
@@ -608,40 +601,40 @@ public class X509CertSelector implements CertSelector, Cloneable
       }
     if (issuer != null)
       {
-        if (!issuer.equals(cert.getIssuerX500Principal()))
+        if (!issuer.equals(other.getIssuerX500Principal()))
           return false;
       }
     if (subject != null)
       {
-        if (!subject.equals(cert.getSubjectX500Principal()))
+        if (!subject.equals(other.getSubjectX500Principal()))
           return false;
       }
     if (sigId != null)
       {
-        if (!sigId.toString().equals(cert.getSigAlgOID()))
+        if (!sigId.toString().equals(other.getSigAlgOID()))
           return false;
       }
     if (subjectKeyId != null)
       {
-        byte[] b = cert.getExtensionValue(SUBJECT_KEY_ID);
+        byte[] b = other.getExtensionValue(SUBJECT_KEY_ID);
         if (!Arrays.equals(b, subjectKeyId))
           return false;
       }
     if (authKeyId != null)
       {
-        byte[] b = cert.getExtensionValue(AUTH_KEY_ID);
+        byte[] b = other.getExtensionValue(AUTH_KEY_ID);
         if (!Arrays.equals(b, authKeyId))
           return false;
       }
     if (keyUsage != null)
       {
-        boolean[] b = cert.getKeyUsage();
+        boolean[] b = other.getKeyUsage();
         if (!Arrays.equals(b, keyUsage))
           return false;
       }
     if (basicConstraints >= 0)
       {
-        if (cert.getBasicConstraints() != basicConstraints)
+        if (other.getBasicConstraints() != basicConstraints)
           return false;
       }
     if (keyPurposeSet != null)
@@ -649,7 +642,7 @@ public class X509CertSelector implements CertSelector, Cloneable
         List<String> kp = null;
         try
           {
-            kp = cert.getExtendedKeyUsage();
+            kp = other.getExtendedKeyUsage();
           }
         catch (CertificateParsingException cpe)
           {
@@ -668,7 +661,7 @@ public class X509CertSelector implements CertSelector, Cloneable
         Collection<List<?>> an = null;
         try
           {
-            an = cert.getSubjectAlternativeNames();
+            an = other.getSubjectAlternativeNames();
           }
         catch (CertificateParsingException cpe)
           {
@@ -709,7 +702,7 @@ public class X509CertSelector implements CertSelector, Cloneable
       }
     if (nameConstraints != null)
       {
-        byte[] nc = cert.getExtensionValue(NAME_CONSTRAINTS_ID);
+        byte[] nc = other.getExtensionValue(NAME_CONSTRAINTS_ID);
         if (!Arrays.equals(nameConstraints, nc))
           return false;
       }
@@ -717,15 +710,15 @@ public class X509CertSelector implements CertSelector, Cloneable
     if (policy != null)
       {
         CertificatePolicies policies = null;
-        if (cert instanceof GnuPKIExtension)
+        if (other instanceof GnuPKIExtension)
           {
             policies = (CertificatePolicies)
-              ((GnuPKIExtension) cert).getExtension(CertificatePolicies.ID).getValue();
+              ((GnuPKIExtension) other).getExtension(CertificatePolicies.ID).getValue();
           }
         else
           {
             byte[] policiesDer =
-              cert.getExtensionValue(CertificatePolicies.ID.toString());
+              other.getExtensionValue(CertificatePolicies.ID.toString());
             try
               {
                 policies = new CertificatePolicies(policiesDer);
@@ -745,16 +738,16 @@ public class X509CertSelector implements CertSelector, Cloneable
     if (pathToNames != null)
       {
         NameConstraints nc = null;
-        if (cert instanceof GnuPKIExtension)
+        if (other instanceof GnuPKIExtension)
           {
             Extension e =
-              ((GnuPKIExtension) cert).getExtension(NameConstraints.ID);
+              ((GnuPKIExtension) other).getExtension(NameConstraints.ID);
             if (e != null)
               nc = (NameConstraints) e.getValue();
           }
         else
           {
-            byte[] b = cert.getExtensionValue(NameConstraints.ID.toString());
+            byte[] b = other.getExtensionValue(NameConstraints.ID.toString());
             if (b != null)
               {
                 try
@@ -957,6 +950,7 @@ public class X509CertSelector implements CertSelector, Cloneable
    * @throws IOException If the argument is not a valid DER-encoded
    *         name constraints.
    */
+  @SuppressWarnings("unused")
   public void setNameConstraints(byte[] nameConstraints)
     throws IOException
   {
@@ -965,7 +959,7 @@ public class X509CertSelector implements CertSelector, Cloneable
 
     // But we just compare raw byte arrays.
     this.nameConstraints = nameConstraints != null
-      ? (byte[]) nameConstraints.clone() : null;
+      ? nameConstraints.clone() : null;
   }
 
   /**
@@ -1056,6 +1050,7 @@ public class X509CertSelector implements CertSelector, Cloneable
    *
    * @param UNUSED Is silently ignored.
    */
+  @SuppressWarnings("unused")
   public void setPrivateKeyValid(Date UNUSED)
   {
   }
@@ -1216,8 +1211,7 @@ public class X509CertSelector implements CertSelector, Cloneable
     try
       {
         KeyFactory enc = KeyFactory.getInstance("X.509");
-        subjectKeySpec = (X509EncodedKeySpec)
-          enc.getKeySpec(key, X509EncodedKeySpec.class);
+        subjectKeySpec = enc.getKeySpec(key, X509EncodedKeySpec.class);
       }
     catch (Exception x)
       {
@@ -1256,6 +1250,7 @@ public class X509CertSelector implements CertSelector, Cloneable
       this.sigId = null;
   }
 
+  @Override
   public String toString()
   {
     CPStringBuilder str = new CPStringBuilder(X509CertSelector.class.getName());
diff --git a/java/security/cert/X509Certificate.java b/java/security/cert/X509Certificate.java
index ab9e1be37..62a1e01eb 100644
--- a/java/security/cert/X509Certificate.java
+++ b/java/security/cert/X509Certificate.java
@@ -1,5 +1,5 @@
 /* X509Certificate.java --- X.509 Certificate class
-   Copyright (C) 1999,2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -488,6 +488,7 @@ public abstract class X509Certificate
    * @throws CertificateParsingException If this extension cannot be
    * parsed from its encoded form.
    */
+  @SuppressWarnings({"unused","static-method"})
   public java.util.List<String> getExtendedKeyUsage()
     throws CertificateParsingException
   {
@@ -532,6 +533,7 @@ public abstract class X509Certificate
    * be parsed.
    * @since JDK 1.4
    */
+  @SuppressWarnings({"unused","static-method"})
   public java.util.Collection<List<?>> getSubjectAlternativeNames()
     throws CertificateParsingException
   {
@@ -559,6 +561,7 @@ public abstract class X509Certificate
    * be parsed.
    * @since JDK 1.4
    */
+  @SuppressWarnings({"unused","static-method"})
   public java.util.Collection<List<?>> getIssuerAlternativeNames()
     throws CertificateParsingException
   {
@@ -571,6 +574,7 @@ public abstract class X509Certificate
    * @return The subject's X.500 distinguished name.
    * @since JDK 1.4
    */
+  @SuppressWarnings("static-method")
   public javax.security.auth.x500.X500Principal getSubjectX500Principal()
   {
     throw new UnsupportedOperationException();
@@ -582,6 +586,7 @@ public abstract class X509Certificate
    * @return The issuer's X.500 distinguished name.
    * @since JDK 1.4
    */
+  @SuppressWarnings("static-method")
   public javax.security.auth.x500.X500Principal getIssuerX500Principal()
   {
     throw new UnsupportedOperationException();
diff --git a/java/security/spec/DSAParameterSpec.java b/java/security/spec/DSAParameterSpec.java
index f7f673110..a374910c1 100644
--- a/java/security/spec/DSAParameterSpec.java
+++ b/java/security/spec/DSAParameterSpec.java
@@ -1,5 +1,5 @@
 /* DSAParameterSpec.java --- DSA Parameter Specificaton class
-   Copyright (C) 1999, 2004 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -74,6 +74,7 @@ public class DSAParameterSpec implements AlgorithmParameterSpec, DSAParams
    *
    * @return Returns the requested BigInteger
    */
+  @Override
   public BigInteger getP()
   {
     return this.p;
@@ -84,6 +85,7 @@ public class DSAParameterSpec implements AlgorithmParameterSpec, DSAParams
    *
    * @return Returns the requested BigInteger
    */
+  @Override
   public BigInteger getQ()
   {
     return this.q;
@@ -94,6 +96,7 @@ public class DSAParameterSpec implements AlgorithmParameterSpec, DSAParams
    *
    * @return Returns the requested BigInteger
    */
+  @Override
   public BigInteger getG()
   {
     return this.g;
diff --git a/java/security/spec/PKCS8EncodedKeySpec.java b/java/security/spec/PKCS8EncodedKeySpec.java
index 53b68de47..c064621f6 100644
--- a/java/security/spec/PKCS8EncodedKeySpec.java
+++ b/java/security/spec/PKCS8EncodedKeySpec.java
@@ -1,5 +1,5 @@
 /* PKCS8EncodedKeySpec.java --- PKCS8 Encoded Key Specificaton class
-   Copyright (C) 1999, 2001 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2001, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -63,6 +63,7 @@ public class PKCS8EncodedKeySpec extends EncodedKeySpec
 
         @returns the encoded key
 */
+  @Override
   public byte[] getEncoded()
   {
     return super.getEncoded();
@@ -73,6 +74,7 @@ public class PKCS8EncodedKeySpec extends EncodedKeySpec
 
         @return a string representing the name
 */
+  @Override
   public final String getFormat()
   {
     return "PKCS#8";
diff --git a/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java b/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java
index 09b8438df..199c4036b 100644
--- a/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java
+++ b/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java
@@ -1,5 +1,5 @@
-/* PSSParameterSpec.java --
-   Copyright (C) 2003, Free Software Foundation, Inc.
+/* RSAMultiPrimePrivateCrtKeySpec.java --
+   Copyright (C) 2003, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -129,10 +129,11 @@ public class RSAMultiPrimePrivateCrtKeySpec extends RSAPrivateKeySpec
     if (crtCoefficient == null)
       throw new NullPointerException("crtCoefficient");
     if (otherPrimeInfo != null)
-      if (otherPrimeInfo.length == 0)
-        throw new IllegalArgumentException();
-      else
-        this.otherPrimeInfo = (RSAOtherPrimeInfo[]) otherPrimeInfo.clone();
+      {
+	if (otherPrimeInfo.length == 0)
+	  throw new IllegalArgumentException();
+	this.otherPrimeInfo = otherPrimeInfo.clone();
+      }
 
     this.publicExponent = publicExponent;
     this.primeP = primeP;
diff --git a/java/security/spec/X509EncodedKeySpec.java b/java/security/spec/X509EncodedKeySpec.java
index 8b50aaae1..3bc33d089 100644
--- a/java/security/spec/X509EncodedKeySpec.java
+++ b/java/security/spec/X509EncodedKeySpec.java
@@ -1,5 +1,5 @@
 /* X509EncodedKeySpec.java --- X.509 Encoded Key Specificaton class
-   Copyright (C) 1999, 2001 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2001, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -64,6 +64,7 @@ public class X509EncodedKeySpec extends EncodedKeySpec
 
      @returns the encoded key
   */
+  @Override
   public byte[] getEncoded()
   {
     return super.getEncoded();
@@ -74,6 +75,7 @@ public class X509EncodedKeySpec extends EncodedKeySpec
 
      @return a string representing the name
   */
+  @Override
   public final String getFormat()
   {
     return "X.509";
diff --git a/javax/security/auth/Policy.java b/javax/security/auth/Policy.java
index 4da9a84df..90185be0e 100644
--- a/javax/security/auth/Policy.java
+++ b/javax/security/auth/Policy.java
@@ -1,5 +1,5 @@
 /* Policy.java -- deprecated precursor to java.security.Policy.
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -45,6 +45,7 @@ import java.security.PermissionCollection;
  * @deprecated The classes java.security.Policy and
  * java.security.ProtectionDomain provide the functionality of this class.
  */
+@Deprecated
 public abstract class Policy
 {
 
diff --git a/javax/security/auth/PrivateCredentialPermission.java b/javax/security/auth/PrivateCredentialPermission.java
index 7c5f02090..1bb3c3987 100644
--- a/javax/security/auth/PrivateCredentialPermission.java
+++ b/javax/security/auth/PrivateCredentialPermission.java
@@ -1,5 +1,5 @@
 /* PrivateCredentialPermission.java -- permissions governing private credentials.
-   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -64,7 +64,6 @@ import java.util.StringTokenizer;
  * wildcard character.</p>
  */
 public final class PrivateCredentialPermission extends Permission
-  implements Serializable
 {
   /**
    * For compatability with Sun's JDK 1.4.2 rev. 5
@@ -125,6 +124,7 @@ public final class PrivateCredentialPermission extends Permission
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public boolean equals (Object o)
   {
     if (! (o instanceof PrivateCredentialPermission))
@@ -141,20 +141,20 @@ public final class PrivateCredentialPermission extends Permission
         return false;
       }
 
-    final String[][] principals = getPrincipals();
+    final String[][] thisPrincipals = getPrincipals();
     final String[][] thatPrincipals = that.getPrincipals();
     if (thatPrincipals == null)
       {
         return false;
       }
-    if (thatPrincipals.length != principals.length)
+    if (thatPrincipals.length != thisPrincipals.length)
       {
         return false;
       }
-    for (int i = 0; i < principals.length; i++)
+    for (int i = 0; i < thisPrincipals.length; i++)
       {
-        if (!principals[i][0].equals (thatPrincipals[i][0]) ||
-            !principals[i][1].equals (thatPrincipals[i][1]))
+        if (!thisPrincipals[i][0].equals (thatPrincipals[i][0]) ||
+            !thisPrincipals[i][1].equals (thatPrincipals[i][1]))
           {
             return false;
           }
@@ -168,6 +168,7 @@ public final class PrivateCredentialPermission extends Permission
    *
    * @return The list of actions.
    */
+  @Override
   public String getActions()
   {
     return "read";
@@ -205,6 +206,7 @@ public final class PrivateCredentialPermission extends Permission
     return ret;
   }
 
+  @Override
   public int hashCode()
   {
     return credentialClass.hashCode() + principals.hashCode();
@@ -228,6 +230,7 @@ public final class PrivateCredentialPermission extends Permission
    * @param p The permission to check.
    * @return True if this permission implies <i>p</i>.
    */
+  @Override
   public boolean implies (Permission p)
   {
     if (! (p instanceof PrivateCredentialPermission))
@@ -240,19 +243,19 @@ public final class PrivateCredentialPermission extends Permission
       {
         return false;
       }
-    String[][] principals = getPrincipals();
+    String[][] thisPrincipals = getPrincipals();
     String[][] thatPrincipals = that.getPrincipals();
     if (thatPrincipals == null)
       {
         return false;
       }
-    for (int i = 0; i < principals.length; i++)
+    for (int i = 0; i < thisPrincipals.length; i++)
       {
         for (int j = 0; j < thatPrincipals.length; j++)
           {
-            if (principals[i][0].equals (thatPrincipals[j][0]) &&
-                (principals[i][1].equals ("*") ||
-                 principals[i][1].equals (thatPrincipals[j][1])))
+            if (thisPrincipals[i][0].equals (thatPrincipals[j][0]) &&
+                (thisPrincipals[i][1].equals ("*") ||
+                 thisPrincipals[i][1].equals (thatPrincipals[j][1])))
               {
                 return true;
               }
@@ -266,6 +269,7 @@ public final class PrivateCredentialPermission extends Permission
    *
    * @return null.
    */
+  @Override
   public PermissionCollection newPermissionCollection()
   {
     return null;
@@ -300,6 +304,7 @@ public final class PrivateCredentialPermission extends Permission
     // Instance methods.
     // -----------------------------------------------------------------------
 
+    @Override
     public boolean equals (Object o)
     {
       if (!(o instanceof CredOwner))
@@ -310,6 +315,7 @@ public final class PrivateCredentialPermission extends Permission
         principalName.equals (((CredOwner) o).getPrincipalName());
     }
 
+    @Override
     public int hashCode()
     {
       return principalClass.hashCode() + principalName.hashCode();
diff --git a/javax/security/auth/SubjectDomainCombiner.java b/javax/security/auth/SubjectDomainCombiner.java
index a50e54b12..8c441af38 100644
--- a/javax/security/auth/SubjectDomainCombiner.java
+++ b/javax/security/auth/SubjectDomainCombiner.java
@@ -1,5 +1,5 @@
 /* SubjectDomainCombiner.java -- domain combiner for Subjects.
-   Copyright (C) 2004, 2005, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -63,6 +63,7 @@ public class SubjectDomainCombiner implements DomainCombiner
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public ProtectionDomain[] combine (final ProtectionDomain[] current,
                                      final ProtectionDomain[] assigned)
   {
diff --git a/javax/security/auth/callback/ConfirmationCallback.java b/javax/security/auth/callback/ConfirmationCallback.java
index fccc87236..8df94c41e 100644
--- a/javax/security/auth/callback/ConfirmationCallback.java
+++ b/javax/security/auth/callback/ConfirmationCallback.java
@@ -1,5 +1,5 @@
 /* ConfirmationCallback.java -- callback for confirmations.
-   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -477,14 +477,14 @@ public class ConfirmationCallback implements Callback, Serializable
   private void setOptions(String[] options, int selectedOption)
     throws IllegalArgumentException
   {
-    if ((selectedOption < 0) || (selectedOption > options.length - 1))
-      {
-        throw new IllegalArgumentException("invalid selection");
-      }
     if ((options == null) || (options.length == 0))
       {
         throw new IllegalArgumentException("options is null or empty");
       }
+    if ((selectedOption < 0) || (selectedOption > options.length - 1))
+      {
+        throw new IllegalArgumentException("invalid selection");
+      }
     for (int i = 0; i < options.length; i++)
       {
         if ((options[i] == null) || (options[i].length() == 0))
diff --git a/javax/security/auth/kerberos/KerberosKey.java b/javax/security/auth/kerberos/KerberosKey.java
index e5735fbd5..863b01aba 100644
--- a/javax/security/auth/kerberos/KerberosKey.java
+++ b/javax/security/auth/kerberos/KerberosKey.java
@@ -1,5 +1,5 @@
 /* KerberosKey.java -- kerberos key
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,8 +40,6 @@ package javax.security.auth.kerberos;
 
 import gnu.classpath.NotImplementedException;
 
-import java.io.Serializable;
-
 import javax.crypto.SecretKey;
 import javax.security.auth.DestroyFailedException;
 import javax.security.auth.Destroyable;
@@ -54,7 +52,7 @@ import javax.security.auth.Destroyable;
  * @since 1.4
  */
 public class KerberosKey
-    implements Serializable, SecretKey, Destroyable
+    implements SecretKey, Destroyable
 {
   private static final long serialVersionUID = -4625402278148246993L;
 
@@ -95,6 +93,7 @@ public class KerberosKey
   /**
    * Return the name of the algorithm used to create this key.
    */
+  @Override
   public final String getAlgorithm()
   {
     checkDestroyed();
@@ -104,6 +103,7 @@ public class KerberosKey
   /**
    * Return the format of this key.  This implementation always returns "RAW".
    */
+  @Override
   public final String getFormat()
   {
     checkDestroyed();
@@ -141,15 +141,17 @@ public class KerberosKey
   /**
    * Return the encoded form of this key.
    */
+  @Override
   public final byte[] getEncoded()
   {
     checkDestroyed();
-    return (byte[]) key.key.clone();
+    return key.key.clone();
   }
 
   /**
    * Destroy this key.
    */
+  @Override
   public void destroy() throws DestroyFailedException
   {
     if (key == null)
@@ -161,6 +163,7 @@ public class KerberosKey
    * Return true if this key has been destroyed.  After this has been
    * called, other methods on this object will throw IllegalStateException.
    */
+  @Override
   public boolean isDestroyed()
   {
     return key == null;
@@ -172,6 +175,7 @@ public class KerberosKey
       throw new IllegalStateException("key is destroyed");
   }
 
+  @Override
   public String toString()
   {
     // FIXME: random choice here.
diff --git a/javax/security/auth/kerberos/KerberosPrincipal.java b/javax/security/auth/kerberos/KerberosPrincipal.java
index 46da0fa1c..71002a987 100644
--- a/javax/security/auth/kerberos/KerberosPrincipal.java
+++ b/javax/security/auth/kerberos/KerberosPrincipal.java
@@ -1,5 +1,5 @@
 /* KerberosPrincipal.java -- a kerberos principal
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -165,6 +165,7 @@ public final class KerberosPrincipal
   /**
    * Return the name of this principal.
    */
+  @Override
   public String getName()
   {
     return name;
@@ -186,11 +187,13 @@ public final class KerberosPrincipal
     return type;
   }
 
+  @Override
   public int hashCode()
   {
     return name.hashCode();
   }
 
+  @Override
   public boolean equals(Object other)
   {
     if (! (other instanceof KerberosPrincipal))
@@ -199,6 +202,7 @@ public final class KerberosPrincipal
     return name.equals(kp.name) && type == kp.type;
   }
 
+  @Override
   public String toString()
   {
     // This is what came to mind.
diff --git a/javax/security/auth/kerberos/KerberosTicket.java b/javax/security/auth/kerberos/KerberosTicket.java
index 66227fd20..e53ea9b34 100644
--- a/javax/security/auth/kerberos/KerberosTicket.java
+++ b/javax/security/auth/kerberos/KerberosTicket.java
@@ -1,5 +1,5 @@
 /* KerberosTicket.java -- a kerberos ticket
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,7 +73,7 @@ public class KerberosTicket
   private static final int INITIAL = 9;
   private static final int NUM_FLAGS = 12;
 
-  @SuppressWarnings("unusedPrivate") private byte[] asn1Encoding;
+  private byte[] asn1Encoding;
   private KeyImpl sessionKey;
   private boolean[] flags;
   private Date authTime;
@@ -116,13 +116,12 @@ public class KerberosTicket
                         Date endTime, Date renewTill,
                         InetAddress[] clientAddresses)
   {
-    this.asn1Encoding = (byte[]) asn1Encoding.clone();
+    this.asn1Encoding = asn1Encoding.clone();
     this.sessionKey = new KeyImpl(key, type);
     this.flags = new boolean[NUM_FLAGS];
     if (flags != null)
       System.arraycopy(flags, 0, this.flags, 0,
                        Math.min(flags.length, NUM_FLAGS));
-    this.flags = (boolean[]) flags.clone();
     this.authTime = (Date) authTime.clone();
     this.startTime = (Date) ((startTime == null)
                               ? authTime : startTime).clone();
@@ -139,6 +138,7 @@ public class KerberosTicket
    * Destroy this ticket.  This discards secret information.  After this
    * method is called, other methods will throw IllegalStateException.
    */
+  @Override
   public void destroy() throws DestroyFailedException
   {
     if (sessionKey == null)
@@ -150,6 +150,7 @@ public class KerberosTicket
   /**
    * Return true if this ticket has been destroyed.
    */
+  @Override
   public boolean isDestroyed()
   {
     return sessionKey == null;
@@ -159,6 +160,7 @@ public class KerberosTicket
    * Return true if the ticket is currently valid.  This is true if
    * the system time is between the ticket's start and end times.
    */
+  @Override
   public boolean isCurrent()
   {
     long now = System.currentTimeMillis();
@@ -170,6 +172,7 @@ public class KerberosTicket
    * attempt to renew the ticket.
    * @throws RefreshFailedException if the renewal fails for any reason
    */
+  @Override
   public void refresh() throws RefreshFailedException, NotImplementedException
   {
     if (! isRenewable())
@@ -261,7 +264,7 @@ public class KerberosTicket
    */
   public final boolean[] getFlags()
   {
-    return (boolean[]) flags.clone();
+    return flags.clone();
   }
 
   /**
@@ -314,7 +317,7 @@ public class KerberosTicket
   public final byte[] getEncoded()
   {
     checkDestroyed();
-    return (byte[]) sessionKey.key.clone();
+    return sessionKey.key.clone();
   }
 
   /**
@@ -332,6 +335,7 @@ public class KerberosTicket
       throw new IllegalStateException("key is destroyed");
   }
 
+  @Override
   public String toString()
   {
     return getClass().getName() +
diff --git a/javax/security/auth/kerberos/KeyImpl.java b/javax/security/auth/kerberos/KeyImpl.java
index d8027c07e..8f7e89296 100644
--- a/javax/security/auth/kerberos/KeyImpl.java
+++ b/javax/security/auth/kerberos/KeyImpl.java
@@ -1,5 +1,5 @@
 /* KeyImpl.java -- kerberos key implementation
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,15 +38,13 @@ exception statement from your version. */
 
 package javax.security.auth.kerberos;
 
-import java.io.Serializable;
-
 import javax.crypto.SecretKey;
 
 /**
  * Note that the name of this class is fixed by the serialization
  * spec, even though the class itself is not public.
  */
-final class KeyImpl implements Serializable, SecretKey
+final class KeyImpl implements SecretKey
 {
   // Enable this when serialization works.
   private static final long serialVersionUID = -7889313790214321193L;
@@ -65,7 +63,7 @@ final class KeyImpl implements Serializable, SecretKey
     else
       this.algorithm = "FIXME";
     this.type = type;
-    this.key = (byte[]) key.clone();
+    this.key = key.clone();
   }
 
   public KeyImpl(char[] passwd, String algo)
@@ -75,22 +73,26 @@ final class KeyImpl implements Serializable, SecretKey
     this.key = null; // double FIXME
   }
 
+  @Override
   public String getAlgorithm()
   {
     return algorithm;
   }
 
+  @Override
   public byte[] getEncoded()
   {
     return key;
   }
 
+  @Override
   public String getFormat()
   {
     // FIXME.
     return null;
   }
 
+  @Override
   public String toString()
   {
     return getClass().getName() +
diff --git a/javax/security/auth/login/AppConfigurationEntry.java b/javax/security/auth/login/AppConfigurationEntry.java
index fd4d09210..ecb7afa3a 100644
--- a/javax/security/auth/login/AppConfigurationEntry.java
+++ b/javax/security/auth/login/AppConfigurationEntry.java
@@ -1,5 +1,5 @@
 /* AppConfigurationEntry.java
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -95,6 +95,7 @@ public class AppConfigurationEntry
 
   // Object methods ----------------------------------------------------------
 
+  @Override
   public String toString()
   {
 
@@ -127,6 +128,7 @@ public class AppConfigurationEntry
     // Instance methods.
     // -----------------------------------------------------------------------
 
+    @Override
     public String toString()
     {
       if (this == LoginModuleControlFlag.REQUIRED)
diff --git a/javax/security/auth/login/Configuration.java b/javax/security/auth/login/Configuration.java
index bbaef065d..93782950f 100644
--- a/javax/security/auth/login/Configuration.java
+++ b/javax/security/auth/login/Configuration.java
@@ -1,5 +1,5 @@
 /* Configuration.java
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,11 +38,11 @@ exception statement from your version. */
 
 package javax.security.auth.login;
 
+import gnu.java.security.action.GetSecurityPropertyAction;
+
 import gnu.javax.security.auth.login.GnuConfiguration;
 
 import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.Security;
 
 import javax.security.auth.AuthPermission;
 
@@ -97,13 +97,7 @@ public abstract class Configuration
     if (config == null)
       {
         String conf = AccessController.doPrivileged
-          (new PrivilegedAction<String>()
-            {
-              public String run()
-              {
-                return Security.getProperty ("login.configuration.provider");
-              }
-            });
+          (new GetSecurityPropertyAction ("login.configuration.provider"));
         try
           {
             if (conf != null)
diff --git a/javax/security/auth/login/LoginContext.java b/javax/security/auth/login/LoginContext.java
index 39d8702c9..f05c660b5 100644
--- a/javax/security/auth/login/LoginContext.java
+++ b/javax/security/auth/login/LoginContext.java
@@ -96,13 +96,13 @@ public class LoginContext
     this.cbHandler = cbHandler;
     if (config == null)
       config = Configuration.getConfig();
-    AppConfigurationEntry[] entries = config.getAppConfigurationEntry (name);
-    if (entries == null)
-      entries = config.getAppConfigurationEntry (OTHER);
-    if (entries == null)
+    AppConfigurationEntry[] appEntries = config.getAppConfigurationEntry (name);
+    if (appEntries == null)
+      appEntries = config.getAppConfigurationEntry (OTHER);
+    if (appEntries == null)
       throw new LoginException ("no configured modules for application "
                                 + name);
-    this.entries = entries;
+    this.entries = appEntries;
     modules = new LoginModule[entries.length];
     sharedState = new HashMap<String,Object>();
     for (int i = 0; i < entries.length; i++)
@@ -223,7 +223,7 @@ public class LoginContext
   }
 
   private LoginModule lookupModule (AppConfigurationEntry entry,
-                                    Subject subject, Map<String,?> sharedState)
+                                    Subject subj, Map<String,?> state)
     throws LoginException
   {
     LoginModule module = null;
@@ -251,7 +251,7 @@ public class LoginContext
         cause = ie;
       }
 
-    if (cause != null)
+    if (module == null)
       {
         LoginException le = new LoginException ("could not load module "
                                                 + entry.getLoginModuleName());
@@ -259,7 +259,7 @@ public class LoginContext
         throw le;
       }
 
-    module.initialize (subject, cbHandler, sharedState, entry.getOptions());
+    module.initialize (subj, cbHandler, state, entry.getOptions());
     return module;
   }
 }
diff --git a/javax/security/auth/login/NullConfiguration.java b/javax/security/auth/login/NullConfiguration.java
index a3f0c9943..579c1386b 100644
--- a/javax/security/auth/login/NullConfiguration.java
+++ b/javax/security/auth/login/NullConfiguration.java
@@ -1,5 +1,5 @@
 /* NullConfiguration.java -- no-op default login configuration.
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -51,11 +51,13 @@ final class NullConfiguration extends Configuration
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public AppConfigurationEntry[] getAppConfigurationEntry (String applicationName)
   {
     return null;
   }
 
+  @Override
   public void refresh()
   {
   }
diff --git a/javax/security/auth/x500/X500Principal.java b/javax/security/auth/x500/X500Principal.java
index 79c3336e1..91b028ebc 100644
--- a/javax/security/auth/x500/X500Principal.java
+++ b/javax/security/auth/x500/X500Principal.java
@@ -141,6 +141,7 @@ public final class X500Principal implements Principal, Serializable
   // Instance methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public int hashCode()
   {
     int result = size();
@@ -156,6 +157,7 @@ public final class X500Principal implements Principal, Serializable
     return result;
   }
 
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof X500Principal))
@@ -183,9 +185,10 @@ public final class X500Principal implements Principal, Serializable
   {
     if (encoded == null)
       encodeDer();
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String getName()
   {
     return getName (RFC2253);
@@ -241,6 +244,7 @@ public final class X500Principal implements Principal, Serializable
     return str.toString();
   }
 
+  @Override
   public String toString()
   {
     return getName (RFC2253);
@@ -318,7 +322,7 @@ public final class X500Principal implements Principal, Serializable
       }
   }
 
-  private String readAttributeType(Reader in) throws IOException
+  private static String readAttributeType(Reader in) throws IOException
   {
     CPStringBuilder buf = new CPStringBuilder();
     int ch;
@@ -441,9 +445,9 @@ public final class X500Principal implements Principal, Serializable
       }
   }
 
-  private void parseDer (InputStream encoded) throws IOException
+  private void parseDer (InputStream encodedStream) throws IOException
   {
-    DERReader der = new DERReader (encoded);
+    DERReader der = new DERReader (encodedStream);
     DERValue name = der.read();
     if (!name.isConstructed())
       throw new IOException ("malformed Name");
diff --git a/javax/security/auth/x500/X500PrivateCredential.java b/javax/security/auth/x500/X500PrivateCredential.java
index 8cba93c6f..f042335c1 100644
--- a/javax/security/auth/x500/X500PrivateCredential.java
+++ b/javax/security/auth/x500/X500PrivateCredential.java
@@ -1,5 +1,5 @@
 /* X500PrivateCredential.java -- certificate and private key pair.
-   Copyright (C) 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -129,6 +129,7 @@ public final class X500PrivateCredential implements Destroyable
    * Destroy the sensitive data of this credential, setting the certificate,
    * private key, and keystore alias to null.
    */
+  @Override
   public void destroy()
   {
     certificate = null;
@@ -142,6 +143,7 @@ public final class X500PrivateCredential implements Destroyable
    *
    * @return True if this object has been destroyed.
    */
+  @Override
   public boolean isDestroyed()
   {
     return certificate == null && key == null;
diff --git a/javax/security/cert/Certificate.java b/javax/security/cert/Certificate.java
index 50c7340fb..53d690e11 100644
--- a/javax/security/cert/Certificate.java
+++ b/javax/security/cert/Certificate.java
@@ -1,5 +1,5 @@
 /* Certificate.java -- base class of public-key certificates.
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -74,6 +74,7 @@ public abstract class Certificate
    * @param other The object to test.
    * @return True if the certificates are equal.
    */
+  @Override
   public boolean equals(Object other)
   {
     if (other == null || !(other instanceof Certificate))
@@ -99,6 +100,7 @@ public abstract class Certificate
    *
    * @return The hash code.
    */
+  @Override
   public int hashCode()
   {
     try
@@ -165,6 +167,7 @@ public abstract class Certificate
    *
    * @return The string.
    */
+  @Override
   public abstract String toString();
 
   /**
diff --git a/javax/security/cert/X509CertBridge.java b/javax/security/cert/X509CertBridge.java
index 36fc4202a..39fd44db8 100644
--- a/javax/security/cert/X509CertBridge.java
+++ b/javax/security/cert/X509CertBridge.java
@@ -1,5 +1,5 @@
 /* X509CertBridge.java -- bridge between JDK and JSSE cert APIs.
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -70,6 +70,7 @@ final class X509CertBridge extends X509Certificate
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public byte[] getEncoded() throws CertificateEncodingException
   {
     try
@@ -82,6 +83,7 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public void verify(PublicKey key)
     throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
            NoSuchProviderException, SignatureException
@@ -96,6 +98,7 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public void verify(PublicKey key, String sigProvider)
     throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
            NoSuchProviderException, SignatureException
@@ -110,16 +113,19 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public String toString()
   {
     return cert.toString();
   }
 
+  @Override
   public PublicKey getPublicKey()
   {
     return cert.getPublicKey();
   }
 
+  @Override
   public void checkValidity()
     throws CertificateExpiredException, CertificateNotYetValidException
   {
@@ -137,6 +143,7 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public void checkValidity(Date date)
     throws CertificateExpiredException, CertificateNotYetValidException
   {
@@ -154,46 +161,55 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public int getVersion()
   {
     return cert.getVersion();
   }
 
+  @Override
   public BigInteger getSerialNumber()
   {
     return cert.getSerialNumber();
   }
 
+  @Override
   public Principal getIssuerDN()
   {
     return cert.getIssuerDN();
   }
 
+  @Override
   public Principal getSubjectDN()
   {
     return cert.getSubjectDN();
   }
 
+  @Override
   public Date getNotBefore()
   {
     return cert.getNotBefore();
   }
 
+  @Override
   public Date getNotAfter()
   {
     return cert.getNotAfter();
   }
 
+  @Override
   public String getSigAlgName()
   {
     return cert.getSigAlgName();
   }
 
+  @Override
   public String getSigAlgOID()
   {
     return cert.getSigAlgOID();
   }
 
+  @Override
   public byte[] getSigAlgParams()
   {
     return cert.getSigAlgParams();
diff --git a/javax/security/sasl/Sasl.java b/javax/security/sasl/Sasl.java
index e77bdb86b..89e7588d2 100644
--- a/javax/security/sasl/Sasl.java
+++ b/javax/security/sasl/Sasl.java
@@ -1,5 +1,5 @@
 /* Sasl.java --
-   Copyright (C) 2003, 2004, 2005, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2005, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -416,13 +416,11 @@ public class Sasl
                   }
                 if (clazz == null)
                   continue;
-                else
-                  clazz = clazz.trim();
+		clazz = clazz.trim();
               }
 
             try
               {
-                result = null;
                 factory = (SaslClientFactory) Class.forName(clazz).newInstance();
                 result = factory.createSaslClient(mechanisms, authorizationID,
                                                   protocol, serverName, props, cbh);
@@ -610,12 +608,10 @@ public class Sasl
           }
         if (clazz == null)
           continue;
-        else
-          clazz = clazz.trim();
+	clazz = clazz.trim();
 
         try
           {
-            result = null;
             factory = (SaslServerFactory) Class.forName(clazz).newInstance();
             result =
               factory.createSaslServer(mechanism, protocol, serverName, props, cbh);
diff --git a/javax/security/sasl/SaslException.java b/javax/security/sasl/SaslException.java
index f4407e761..073dc0991 100644
--- a/javax/security/sasl/SaslException.java
+++ b/javax/security/sasl/SaslException.java
@@ -1,5 +1,5 @@
 /* SaslException.java
-   Copyright (C) 2003, 2005, Free Software Foundation, Inc.
+   Copyright (C) 2003, 2005, 2015, Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,16 +41,13 @@ package javax.security.sasl;
 import gnu.java.lang.CPStringBuilder;
 
 import java.io.IOException;
-import java.io.PrintStream;
-import java.io.PrintWriter;
-import java.io.Serializable;
 
 /**
  * This class represents an error that has occurred when using SASL.
  *
  * @since 1.5
  */
-public class SaslException extends IOException implements Serializable
+public class SaslException extends IOException
 {
 
   // Constants and variables
@@ -106,7 +103,7 @@ public class SaslException extends IOException implements Serializable
    */
   public SaslException(String detail, Throwable ex)
   {
-    super(detail);
+    super(detail, ex);
     _exception = ex;
   }
 
@@ -123,49 +120,23 @@ public class SaslException extends IOException implements Serializable
    *
    * @return the possibly <code>null</code> exception that caused this exception.
    */
+  @Override
   public Throwable getCause()
   {
     return _exception;
   }
 
   /**
-   * Prints this exception's stack trace to <code>System.err</code>. If this
-   * exception has a root exception; the stack trace of the root exception is
-   * also printed to <code>System.err</code>.
-   */
-  public void printStackTrace()
-  {
-    super.printStackTrace();
-    if (_exception != null)
-      _exception.printStackTrace();
-  }
-
-  /**
-   * Prints this exception's stack trace to a print stream. If this exception
-   * has a root exception; the stack trace of the root exception is also
-   * printed to the print stream.
-   *
-   * @param ps the non-null print stream to which to print.
-   */
-  public void printStackTrace(PrintStream ps)
-  {
-    super.printStackTrace(ps);
-    if (_exception != null)
-      _exception.printStackTrace(ps);
-  }
-
-  /**
-   * Prints this exception's stack trace to a print writer. If this exception
-   * has a root exception; the stack trace of the root exception is also
-   * printed to the print writer.
-   *
-   * @param pw the non-null print writer to use for output.
+   * @inheritDoc
    */
-  public void printStackTrace(PrintWriter pw)
+  @Override
+  public Throwable initCause(Throwable cause)
   {
-    super.printStackTrace(pw);
-    if (_exception != null)
-      _exception.printStackTrace(pw);
+    super.initCause(cause);
+    // Sync our copy if the superclass one changed
+    if (super.getCause() == cause)
+      _exception = cause;
+    return this;
   }
 
   /**
@@ -178,6 +149,7 @@ public class SaslException extends IOException implements Serializable
    * @return the non-null string representation of this exception.
    * @see Throwable#getMessage()
    */
+  @Override
   public String toString()
   {
     CPStringBuilder sb = new CPStringBuilder(this.getClass().getName())