188 files changed, 2349 insertions, 895 deletions

diff --git a/ChangeLog b/ChangeLog
index 0484be28d..80c70654f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,1050 @@
+2015-03-11  Andrew John Hughes  <gnu_andrew@member.fsf.org>
+
+	* configure.ac:
+	(ECJ_WARNINGS): Turn off parameter assignment,
+	autoboxing and overridding without a super method
+	call warnings for now.
+	* gnu/java/security/OID.java:
+	(OID(int[],boolean)): Remove unnecessary cast on clone() call.
+	(getIDs()): Likewise.
+	(getDER()): Likewise.
+	(clone()): Add @Override.
+	(toString()): Add @Override. Remove unncessary else clause.
+	(hashCode()): Add @Override.
+	(equals(Object)): Likewise.
+	(compareTo(OID)): Likewise.
+	* gnu/java/security/PolicyFile.java:
+	(getPermissions(CodeSource)): Add @Override.
+	(refresh()): Likewise and on anonymous inner class run() method.
+	(toString()): Add @Override.
+	(parse(URL)): Throw exception if p is null, and suppress associated
+	warning, as exception is thrown via error method. Add default
+	empty case to switch method. Call error method with the exception,
+	not the result of its toString() method. Remove unneeded else block.
+	(expand(String)): Avoid shadowing the prop variable.
+	(error(URL,StreamTokenizer,Throwable)): Add new variant that allows
+	the cause to be included.
+	* gnu/java/security/Properties.java:
+	(init()): Avoid unnecessary casts.
+	(handleBooleanProperty(String)): Make static.
+	* gnu/java/security/action/GetPropertyAction.java:
+	(run()): Add @Override.
+	* gnu/java/security/action/GetSecurityPropertyAction.java:
+	(run()): Add @Override.
+	* gnu/java/security/ber/BERReader.java:
+	(read()): Add @Override. Remove unnecessary else clause.
+	* gnu/java/security/ber/BERValue.java:
+	(getLength()): Add @Override.
+	* gnu/java/security/der/BitString.java:
+	(toByteArray()): Remove unnecessary cast on clone() call.
+	(getShiftedByteArray()): Likewise.
+	(toBooleanArray()): Likewise.
+	(clone(): Add @Override.
+	(hashCode()): Likewise.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	* gnu/java/security/der/DERReader.java:
+	(makeTime(int,byte[])): Make static. Mark fall-through
+	cases in switch statement. Add default case which throws
+	an exception.
+	* gnu/java/security/der/DERValue.java:
+	(DERValue(int,int,Object,byte[])): Remove unnecessary cast on clone() call.
+	(getValueAs(int)): Avoid shadowing of encoded variable.
+	(getEncoded()): Remove unnecessary cast on clone() call.
+	(toString()): Add @Override.
+	* gnu/java/security/hash/BaseHash.java:
+	(name()): Add @Override.
+	(hashSize()): Likewise.
+	(blockSize()): Likewise.
+	(update(byte)): Likewise.
+	(update(byte[])): Likewise.
+	(update(byte[],int,int)): Likewise.
+	(digest()): Likewise.
+	(reset()): Likewise.
+	(clone()): Likewise.
+	(selfTest()): Likewise.
+	* gnu/java/security/hash/Haval.java:
+	(Haval(Haval)): Remove unnecessary cast on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): Likewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest()): Likewise.
+	(tailorDigestBits()): Add empty default case to switch statement.
+	(FF5(int,int,int,int,int,int,int,int,int,int)): Make static.
+	(f1(int,int,int,int,int,int,int)): Likewise.
+	(f2(int,int,int,int,int,int,int)): Likewise.
+	(f3(int,int,int,int,int,int,int)): Likewise.
+	(f4(int,int,int,int,int,int,int)): Likewise.
+	(f5(int,int,int,int,int,int,int)): Likewise.
+	* gnu/java/security/hash/MD2.java:
+	(MD2(MD2)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	(padBuffer()): Likewise.
+	(transform(byte[],int)): LIkewise.
+	* gnu/java/security/hash/MD4.java:
+	(MD4(MD4)): Remove unncessary casts on clone() call.
+	(clone()): Add @Override.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise. Avoid shadowing d variable.
+	(padBuffer()): Likewise.
+	(transform(byte[],int)): LIkewise.
+	* gnu/java/security/hash/MD5.java:
+	(MD5(MD5)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/RipeMD128.java:
+	(RipeMD128(RipeMD128)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/RipeMD160.java:
+	(RipeMD160(RipeMD160)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Sha160.java:
+	(Sha160(Sha160)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Sha256.java:
+	(Sha256(Sha256)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Sha384.java:
+	(Sha384(Sha384)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Sha512.java:
+	(Sha512(Sha512)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/hash/Tiger.java:
+	(Tiger(Tiger)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(selfTest())): Likewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(transform(byte[],int)): LIkewise.
+	* gnu/java/security/hash/Whirlpool.java,
+	(Whirlpool(Whirlpool)): Remove unnecessary casts on clone() call.
+	(clone()): Add @Override.
+	(transform(byte[],int)): LIkewise.
+	(padBuffer()): Likewise.
+	(getResult()): Likewise.
+	(resetContext()): Likewise.
+	(selfTest())): Likewise.
+	* gnu/java/security/jce/hash/MessageDigestAdapter.java:
+	(clone()): Add @Override.
+	(engineGetDigestLength()): Likewise.
+	(engineUpdate(byte)): Likewise.
+	(engineUpdate(byte[],int,int)): Likewise.
+	(engineDigest()): Likewise.
+	(engineDigest(byte[],int,int)): Likewise.
+	(engineReset()): Likewise.
+	* gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java:
+	(initialize(int,SecureRandom)): Add @Override.
+	(initialize(AlgorithmParameterSpec,SecureRandom)): Likewise.
+	* gnu/java/security/jce/sig/DSSParametersGenerator.java:
+	(engineInit(int,SecureRandom)): Add @Override.
+	(engineInit(AlgorithmParameterSpec,SecureRandom)): Likewise.
+	(engineGenerateParameters()): Likewise.
+	* gnu/java/security/jce/sig/EncodedKeyFactory.java:
+	(decodeDSSPublicKey(DSAPublicKeySpec)): Make static.
+	(decodeRSAPublicKey(RSAPublicKeySpec)): Likewise.
+	(decodeDHPublicKey(DHPublicKeySpec)): Likewise.
+	(decodeDHPublicKey(byte[]]): Likewise.
+	(decodeDSSPrivateKey(DSAPrivateKeySpec)): Likewise.
+	(decodeRSAPrivateKey(RSAPrivateCrtKeySpec)): Likewise.
+	(decodeDHPrivateKey(DHPrivateKeySpec)): Likewise.
+	(decodeDHPrivateKey(byte[])): Likewise.
+	* gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java:
+	(initialize(int,SecureRandom)): Add Override.
+	(initialize(AlgorithmParameterSpec,SecureRandom)): Likewise.
+	(generateKeyPair()): Likewise.
+	(localiseName(String)): Uncomment conversion.
+	* gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java:
+	(initialize(int,SecureRandom)): Add Override.
+	(initialize(AlgorithmParameterSpec,SecureRandom)): Likewise.
+	* gnu/java/security/jce/sig/SignatureAdapter.java:
+	Drop unneeded import of BaseSignature.
+	(clone()): Add @Override.
+	(engineInitVerify(PublicKey)): Reference VERIFIER_KEY via
+	interface ISignature where it is defined.
+	(engineInitSign(PrivateKey)): Likewise for SIGNER_KEY.
+	(engineInitSign(PrivateKey,SecureRandom)): Likewise for
+	SIGNER_KEY and SOURCE_OF_RANDOMNESS.
+	* gnu/java/security/key/KeyPairCodecFactory.java:
+	(getInstance(String,int)): Add default case which returns null.
+	(getInstance(Key)): Likewise and fix typo in documentation.
+	* gnu/java/security/key/dss/DSSKey.java:
+	(getParams()): Add @Override.
+	(getAlgorithm()): Likewise.
+	(getEncoded()): Likewise.
+	(getFormat()): LIkewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Add implementation using java.util.Objects.hash
+	(toString()): Remove unneeded cast.
+	* gnu/java/security/key/dss/DSSKeyPairGenerator.java:
+	(setup(MAp)): Remove unnecessary else clause.
+	(generate()): Remove left-over debug statement.
+	* gnu/java/security/key/dss/DSSKeyPairRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodePublicKey(PublicKey)): Likewise.
+	(decodePublicKey(byte[])): Likewise.
+	(encodePrivateKey(PrivateKey)): Likewise.
+	(decodePrivateKey(byte[])): Likewise.
+	* gnu/java/security/key/dss/DSSKeyPairX509Codec.java:
+	(getFormatID()): Add @Override.
+	(encodePublicKey(PublicKey)): Likewise.
+	(encodePrivateKey(PrivateKey)): Likewise.
+	(decodePublicKey(byte[])): Likewise.
+	(decodePrivateKey(byte[])): Likewise.
+	* gnu/java/security/key/dss/DSSPrivateKey.java:
+	Drop unneeded reference to PrivateKey.
+	(getX()): Add @Override.
+	(getEncoded(int)): Likewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented.
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/dss/DSSPublicKey.java:
+	Drop unneeded reference to PublicKey.
+	(getY()): Add @Override.
+	(getEncoded(int)): Likewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented.
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/rsa/GnuRSAKey.java:
+	(getModulus()): Add @Override.
+	(getAlgorithm()): Likewise.
+	(getEncoded()): Likewise.
+	(getFormat()): Likewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented using java.util.Objects.hash
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/rsa/GnuRSAPrivateKey.java:
+	Drop unneeded reference to PrivateKey.
+	(getPrimeP()): Add @Override.
+	(getPrimeQ()): Likewise.
+	(getPrimeExponentP()): Likewise.
+	(getPrimeExponentQ()): Likewise.
+	(getCrtCoefficient()): Likewise.
+	(getPrivateExponent()): Likewise.
+	(getEncoded(int)): Likewise.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented using java.util.Objects.hash.
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/rsa/GnuRSAPublicKey.java:
+	Drop unneeded reference to PublicKey.
+	(getEncoded()): Add @Override.
+	(equals(Object)): Likewise.
+	(hashCode()): Implemented.
+	(toString()): Add @Override and remove unneeded cast.
+	* gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java:
+	(getFormatID()): Add @Override.
+	(encodePublicKey(PublicKey)): Likewise.
+	(encodePrivateKey(PrivateKey)): Likewise.
+	(decodePublicKey(byte[])): Likewise.
+	(decodePrivateKey(byte[])): Likewise.
+	* gnu/java/security/key/rsa/RSAKeyPairRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodePublicKey(PublicKey)): Likewise.
+	(decodePublicKey(byte[])): Likewise.
+	(encodePrivateKey(PrivateKey)): Likewise.
+	(decodePrivateKey(byte[])): Likewise.
+	* gnu/java/security/pkcs/PKCS7SignedData.java:
+	(PKCS7SignedData(BERReader)): Refer to constants by
+	the interface where they are defined. Rename crls
+	to avoid shadowing the class variable.
+	* gnu/java/security/pkcs/SignerInfo.java:
+	(SignerInfo(BERReader)): Refer to constants by the
+	interface where they are defined.
+	* gnu/java/security/prng/BasePRNG.java:
+	(addRandomBytes(byte[])): Add @Override.
+	(addRandomBytes(byte[],int,int)): Likewise. Rename
+	buffer to buf to avoid shadowing.
+	(clone()): Remove unnecessary cast and this references.
+	* gnu/java/security/prng/MDGenerator.java:
+	Remove unneeded reference to Cloneable.
+	* gnu/java/security/prng/RandomEvent.java:
+	(RandomEvent(Object,byte,byte,byte[])): Remove unnecessary cast.
+	* gnu/java/security/provider/DefaultPolicy.java:
+	(getPermissions(CodeSource)): Add @Override.
+	(refresh()): Likewise.
+	* gnu/java/security/provider/Gnu.java:
+	(Gnu()): Add @Override to run implementation in anonymous inner
+	class.
+	* gnu/java/security/provider/PKIXCertPathValidatorImpl.java:
+	(engineValidate(CertPath,CertPathParameters)): Add @Override. Remove
+	unneeded cast and else clause.
+	(checkExplicitPolicy(int,List)): Make static.
+	* gnu/java/security/provider/X509CertificateFactory.java:
+	(generateCert(InputStream)): Make static. Remove unnecessary
+	else clause.
+	(generateCRL(InputStream)): Likewise.
+	* gnu/java/security/sig/SignatureCodecFactory.java:
+	(getInstance(String,int)): Add default case to switch statement.
+	* gnu/java/security/sig/dss/DSSSignature.java:
+	(encodeSignature(BigInteger,BigInteger)): Make static.
+	(decodeSignature(Object)): Likewise.
+	* gnu/java/security/sig/dss/DSSSignatureRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/sig/dss/DSSSignatureX509Codec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java:
+	(clone()): Add @Override.
+	* gnu/java/security/sig/rsa/EMSA_PSS.java:
+	(clone()): Add @Override.
+	* gnu/java/security/sig/rsa/RSA.java:
+	(RSADP(RSAPrivateKey, BigInteger)): Suppress null warning
+	as r is always non-null if rsaBlinding is true.
+	* gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java:
+	(clone()): Add @Override.
+	(setupForVerification(PublicKey)): Likewise.
+	(setupForSigning(PrivateKey)): Likewise.
+	(generateSignature()): Likewise.
+	(verifySignature(Object)): Likewise.
+	* gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/sig/rsa/RSAPSSSignature.java:
+	(clone()): Add @Override.
+	(setupForVerification(PublicKey)): Likewise. Remove unnecessary
+	cast.
+	(setupForSigning(PrivateKey)): Likewise.
+	(generateSignature()): Add @Override.
+	(verifySignature(Object)): Likewise.
+	* gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java:
+	(getFormatID()): Add @Override.
+	(encodeSignature(Object)): Likewise.
+	(decodeSignature(byte[])): Likewise.
+	* gnu/java/security/util/ByteArray.java:
+	(toString()): Add @Override.
+	* gnu/java/security/util/ByteBufferOutputStream.java:
+	(toString()): Add @Override.
+	* gnu/java/security/util/ExpirableObject.java:
+	(destroy()): Add @Override.
+	(Destroyer.run()): Likewise.
+	* gnu/java/security/util/FormatUtil.java:
+	(getEncodingName(int)): Add default case for switch statement.
+	(getEncodingShortName(int)): Likewise.
+	* gnu/java/security/util/Sequence.java:
+	(size()): Add @Override.
+	(toArray()): Likewise. Remove unnecessary cast.
+	* gnu/java/security/util/SimpleList.java:
+	(size()): Add @Override.
+	(get(int)): Likewise.
+	(toString()): Likewise.
+	* gnu/java/security/util/Util.java:
+	(toBase64(byte[])): Add default case to switch statement which
+	does nothing. Remove unnecessary else clause.
+	* gnu/java/security/x509/PolicyNodeImpl.java:
+	(addExpectedPolicy(String)): Rename variable to expectedPolicy
+	to avoid shadowing policy variable.
+	(addAllPolicyQualifiers(Collection)): Rename variable to
+	policyQualifiers to avoid shadowing qualifiers variable.
+	Rewrite collection check to catch ClassCastException as,
+	if it.next() returns normally, it will always be an instance
+	of PolicyQualifierInfo.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/X500DistinguishedName.java:
+	(X500DistinguishedName(String)): Throw IOException rather
+	than catching it as calling methods in X509CRLSelector
+	implementations, addIssuerName(String), expect an
+	IOException to be thrown if there is a parsing error.
+	(getName()): Add @Override.
+	(hashCode()): Likewise.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	(getDer()): Remove unnecessary casts.
+	(readAttributeType(Reader)): Make static.
+	* gnu/java/security/x509/X509CRL.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(getEncoded()): Remove unnecessary cast.
+	(getIssuerX500Principal()): Add @Override.
+	(getTBSCertList()): Remove unnecessary cast.
+	(getSignature()): Likewise.
+	(getSigAlgParams()): Likewise.
+	(hasUnsupportedCriticalExtension()): Add @Override.
+	(getCriticialExtensionOIDs()): Likewise.
+	(getNonCriticalExtensionOIDs()): Likewise.
+	(getExtensionValue(String)): Likewise.
+	(isRevoked(Certificate)): Likewise. Remove unnecessary
+	cast.
+	(parse(InputStream)): Remove unnecessary cast.
+	* gnu/java/security/x509/X509CRLEntry.java:
+	(getEncoded()): Remove unncessary cast.
+	(hasUnsupportedCriticalExtension()): Add @Override.
+	(getCriticialExtensionOIDs()): Likewise.
+	(getNonCriticalExtensionOIDs()): Likewise.
+	(getExtensionValue(String)): Likewise.
+	* gnu/java/security/x509/X509CRLSelectorImpl.java:
+	(addIssuerName(String)): Throw IOException as specified.
+	* gnu/java/security/x509/X509CertPath.java:
+	(getCertificates()): Add @Override.
+	(getEncoded()): Likewise. Remove unnecessary casts.
+	(getEncodings()): Add @Override.
+	(parse(InputStream, String)): Rename path to parsedPath
+	to avoid shadowing.
+	* gnu/java/security/x509/X509CertSelectorImpl.java:
+	(addIssuerName(String)): Throw IOException as specified.
+	* gnu/java/security/x509/X509Certificate.java:
+	Remove unneeded Serializable reference.
+	(checkValidity()): Add @Override.
+	(checkValidity(Date)): Likewise.
+	(getVersion()): Likewise.
+	(getSerialNumber()): Likewise.
+	(getIssuerDN()): Likewise.
+	(getIssuerX500Principal()): Likewise.
+	(getSubjectDN()): Likewise.
+	(getSubjectX500Principal()): Likewise.
+	(getNotBefore()): Likewise.
+	(getNotAfter()): Likewise.
+	(getTBSCertificate()): Likewise. Remove unnecessary cast.
+	(getSignature()): Likewise.
+	(getSigAlgName()): Add @Override.
+	(getSigAlgOID()): Likewise.
+	(getSigAlgParams()): Likewise. Remove unnecessary cast.
+	(getIssuerUniqueID()): Add @Override.
+	(getSubjectUniqueID()): Likewise.
+	(getKeyUsage()): Likewise.
+	(getExtendedKeyUsage()): Likewise.
+	(getBasicConstraints()): Likewise.
+	(getSubjectAlternativeNames()): Likewise. Make conversion
+	from int to Integer explicit.
+	(getIssuerAlternativeNames()): Likewise.
+	(hasUnsupportedCriticalExtension()): Add @Override.
+	(getCriticialExtensionOIDs()): Likewise.
+	(getNonCriticalExtensionOIDs()): Likewise.
+	(getExtensionValue(String)): Likewise.
+	(getEncoded()): Likewise. Remove unnecessary cast.
+	(verify(PublicKey)): Add @Override.
+	(verify(PublicKey, String)): Likewise.
+	(toString()): Likewise.
+	(getPublicKey()): Likewise.
+	(parse(InputStream)): Rename encoded to enc to avoid shadowing.
+	Avoid unnecessary cast.
+	* gnu/java/security/x509/ext/AuthorityKeyIdentifier.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/BasicConstraints.java:
+	(getEncoded()): Add @Override. Remove unncessary casts.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/CRLNumber.java:
+	(getEncoded()): Add @Override. Remove unncessary casts.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/CertificatePolicies.java:
+	(CertificatePolicies(List,Map)): Swap empty for-loop
+	for a while loop.
+	(getEncoded()): Add @Override. Remove unnecessary cast.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/ExtendedKeyUsage.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/Extension.java:
+	(Extension(byte[])): Remove unnecessary cast.
+	(getEncoded()): Likewise.
+	(toString()): Add @Override.
+	(Value.Value(byte[])): Remove unnecessary cast.
+	(Value.getEncoded()): Likewise.
+	(hashCode()): Add @Override.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	* gnu/java/security/x509/ext/GeneralName.java:
+	(Kind.forTag(int)): Add default case.
+	(Kind): Remove unnecessary ; on closing brace.
+	(GeneralName(Kind,byte[])): Remove unnecessary cast.
+	(name()): Likewise.
+	(encoded()): Check for null rather than catching exception.
+	Remove unnecessary cast.
+	(equals(Object)): Add @Override. Avoid unnecessary method call.
+	(hashCode()): Implemented using java.util.Objects.hash.
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/GeneralNames.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/GeneralSubtree.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/IssuerAlternativeNames.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/KeyUsage.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/NameConstraints.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/PolicyConstraint.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/PolicyMappings.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/ReasonCode.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/SubjectAlternativeNames.java:
+	(toString()): Add @Override.
+	* gnu/java/security/x509/ext/SubjectKeyIdentifier.java:
+	(getKeyIdentifier()): Remove unnecessary cast.
+	(toString()): Add @Override.
+	* gnu/javax/security/auth/Password.java:
+	(doDestroy): Add @Override. Remove unneeded else block.
+	(isDestroyed): Add @Override.
+	* gnu/javax/security/auth/callback/AWTCallbackHandler.java:
+	(handleChoice(ChoiceCallback)): Add @Override.
+	(handleConfirmation(ConfirmationCallback)): Likewise.
+	(handleLanguage(LanguageCallback)): Likewise.
+	(handleName(NameCallback)): Likewise.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise.
+	(handleTextOutput(TextOutputCallback)): Likewise.
+	(actionPerformed(ActionEvent)): Likewise.
+	(windowClosing(WindowEvent)): Likewise.
+	(windowOpened(WindowEvent)): Likewise.
+	(windowClosed(WindowEvent)): Likewise.
+	(windowIconified(WindowEvent)): Likewise.
+	(windowDeiconified(WindowEvent)): Likewise.
+	(windowActivated(WindowEvent)): Likewise.
+	(windowDeactivated(WindowEvent)): Likewise.
+	* gnu/javax/security/auth/callback/AbstractCallbackHandler.java:
+	(AbstractCallbackHandler(String)): Reference getBundle by class
+	where it is implemented (ResourceBundle).
+	(handle(Callback[])): Add @Override.
+	(handleChoice(ChoiceCallback)): Allow and document an
+	UnsupportedCallbackException being thrown.
+	(handleConfirmation(ConfirmationCallback)): Likewise.
+	(handleLanguage(LanguageCallback)): Likewise.
+	(handleName(NameCallback)): Likewise.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise.
+	(handleTextOutput(TextOutputCallback)): Likewise.
+	(handleOther(Callback)): Suppress warnings resulting from
+	unused variables, unthrown exceptions and lack of IOException
+	being thrown. They are necessary for subclasses.
+	* gnu/javax/security/auth/callback/ConsoleCallbackHandler.java:
+	(handleChoice(ChoiceCallback)): Add @Override. Drop unnecessary
+	cast.
+	(handleConfirmation(ConfirmationCallback)): Add @Override.
+	(handleLanguage(LanguageCallback)): Likewise.
+	(handleName(NameCallback)): Likewise.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise.
+	(handleTextOutput(TextOutputCallback)): Likewise.
+	* gnu/javax/security/auth/callback/DefaultCallbackHandler.java:
+	(handleChoice(ChoiceCallback)): Add @Override.
+	(handleConfirmation(ConfirmationCallback)): Likewise.
+	(handleLanguage(LanguageCallback)): Likewise.
+	(handleName(NameCallback)): Likewise.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise.
+	(handleTextOutput(TextOutputCallback)): Likewise.
+	* gnu/javax/security/auth/callback/GnuCallbacks.java:
+	(GnuCallbacks()): Add @Override to run() implementation
+	in anonymous inner class.
+	* gnu/javax/security/auth/callback/SwingCallbackHandler.java:
+	(handleChoice(ChoiceCallback)): Add @Override to method
+	and methods of anonymous inner classes. Refer to
+	constants using interface where they appear.
+	(handleConfirmation(ConfirmationCallback)): Add @Override
+	to method and methods of anonymous inner class. Declare
+	UnsupportedCallbackException as thrown and add default
+	cases and fall-through markers to switch statements.
+	(handleLanguage(LanguageCallback)): Add @Override. Remove
+	unused variable defaultIndex.
+	(handleName(NameCallback)): Add @Override to method and
+	method of anonymous inner class.
+	(handlePassword(PasswordCallback)): Likewise.
+	(handleTextInput(TextInputCallback)): Likewise. Refer to
+	constants using interface where they appear.
+	(handleTextOutput(TextOutputCallback)): Likewise. Declare
+	UnsupportedCallbackException as thrown and add default
+	case to switch statement.
+	(waitForInput(JDialog, Callback)): Make static.
+	* gnu/javax/security/auth/login/ConfigFileParser.java:
+	(initParser(Reader)): Don't declare IOException as thrown
+	as one is never thrown.
+	(expandParamValue(String)): Make static.
+	* gnu/javax/security/auth/login/GnuConfiguration.java:
+	(getAppConfigurationEntry(String)): Add @Override.
+	(refresh()): Likewise.
+	(getInputStreamFromURL(String)): Make static.
+	(parseConfig(InputStream)): Remove unneeded variable.
+	(getUserName()): Make static.
+	(getConfigFromUserName(File,String)): Likewise.
+	* java/security/AccessControlContext.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	* java/security/AlgorithmParameters.java:
+	(toString()): Add @Override.
+	* java/security/AllPermission.java:
+	(AllPermission(String,String)): Suppress
+	warning about actions variable being unused.
+	(implies(Permission)): Add @Override.
+	(equals(Object)): Likewise.
+	(hashCode()): Likewise.
+	(getActions()): Likewise.
+	(newPermissionCollection()): Likewise.
+	(AllPermissionCollection()): Add public constructor
+	to avoid generating a synthetic accessor method.
+	* java/security/BasicPermission.java:
+	Remove unneeded Serializable reference.
+	(BasicPermission(String,String)): Suppress
+	warnings about actions variable being unused.
+	(getActions()): Add @Override.
+	(newPermissionCollection()): Likewise.
+	* java/security/Certificate.java:
+	Mark with @Deprecated. Fix typo in documentation.
+	* java/security/DigestInputStream.java:
+	(read()): Add @Override.
+	(read(byte[],int,int)): Likewise.
+	(toString()): Likewise.
+	* java/security/DigestOutputStream.java:
+	(write(int)): Add @Override.
+	(write(byte[],int,int)): Likewise.
+	(toString()): Likewise.
+	* java/security/DummyKeyPairGenerator.java:
+	(clone()): Add @Override.
+	(initialize(int,SecureRandom)): Likewise.
+	(initialize(AlgorithmParameterSpec,SecureRandom)):
+	Likewise.
+	(generateKeyPair()): Likewise.
+	* java/security/DummyMessageDigest.java:
+	(clone()): Add @Override.
+	(engineDigest()): Likewise.
+	(engineDigest(byte[],int,int)): Likewise.
+	(engineGetDigestLength()): Likewise.
+	(engineReset()): Likewise.
+	(engineUpdate(byte)): Likewise.
+	(engineUpdate(byte[],int,int)): Likewise.
+	* java/security/Identity.java:
+	Mark as @Deprecated. Fix typo in documentation.
+	(getName()): Add @Override.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	(toString(boolean)): Remove unnecessary else clause.
+	(hashCode()): Add @Override.
+	* java/security/IdentityScope.java:
+	Mark as @Deprecated.
+	(toString()): Add @Override.
+	* java/security/IntersectingDomainCombiner.java:
+	(combine(ProtectionDomain[],ProtectionDomain[])):
+	Add @Override.
+	* java/security/KeyPairGenerator.java:
+	(generateKeyPair()): Add @Override.
+	* java/security/KeyPairGeneratorSpi.java:
+	(initialize(AlgorithmParameterSpec,SecureRandom)):
+	Suppress warning about making this method static.
+	Intended to be overridden by subclasses.
+	(clone()): Add @Override.
+	* java/security/KeyStore.java:
+	(getInstance(String,Provider)): Fix typo in documentation.
+	(getDefaultType()): Add @Override to run() in anonymous
+	inner class.
+	* java/security/MessageDigest.java:
+	(toString()): Add @Override.
+	(clone()): Likewise.
+	* java/security/MessageDigestSpi.java:
+	(engineGetDigestLength()): Suppress warning about
+	making this method static. Intended to be overridden
+	by subclasses.
+	(clone()): Add @Override.
+	* java/security/Permission.java:
+	(checkGuard(Object)): Add @Override.
+	(equals(Object)): Likewise.
+	(hashCode()): Likewise.
+	(newPermissionCollection()): Likewise.
+	(toString()): Likewise.
+	* java/security/PermissionCollection.java:
+	(toString()): Add @Override.
+	* java/security/Permissions.java:
+	Remove unneeded Serializable reference.
+	(elements()): Add @Override to hasMoreElements
+	and nextElement methods in anonymous inner class.
+	(PermissionsHash.PermissionsHash()): Add explicit
+	constructor to avoid a synthetic accessor method.
+	(add(Permission)): Mark synchronized.
+	(implies(Permission)): Likewise.
+	* java/security/Policy.java:
+	(implies(ProtectionDomain,Permission)): Remove
+	unnecessary cast.
+	* java/security/Principal.java:
+	(equals(Object)): Add @Override.
+	(toString()): Likewise.
+	(hashCode()): Likewise.
+	* java/security/PrivilegedActionException.java:
+	(getCause()): Add @Override.
+	(toString()): Removed; pointless as it just calls
+	superclass version.
+	* java/security/ProtectionDomain.java:
+	(ProtectionDomain(CodeSource,PermissionCollection,
+	ClassLoader,Principal[],boolean)): Remove unnecessary
+	cast.
+	(getPrincipals()): Add @Override.
+	(toString()): Likewise.
+	* java/security/Provider.java:
+	Remove unneeded Serializable reference.
+	(put(Object,Object)): Add @Override. Suppress warnings
+	about overridding a synchronized method as all collection
+	modifications are made in synchronized superclass method.
+	(get(Object)): Likewise.
+	(remove(Object)): Likewise.
+	(clear()): Likewise.
+	(toString()): Add @Override. Suppress warning about
+	overridding a synchronized method as the collection isn't
+	used.
+	(toCanonicalKey(Object)): Make static.
+	* java/security/SecureClassLoader.java:
+	(getPermissions(CodeSource)): Suppress warning about
+	making this method static; may potentially be overridden
+	by subclasses. Avoid unnecessary variable policy.
+	* java/security/SecureRandom.java:
+	(setSeed(byte[])): Make synchronized to prevent
+	concurrent access to secureRandomSpi.
+	(setSeed(long)): Add @Override and make synchronized.
+	(nextBytes(byte[])): Likewise.
+	(next(int)): Likewise.
+	(generateSeed(byte[])): Make synchronized.
+	* java/security/Security.java:
+	(getAlgorithmProperty(String,String)): Add @Deprecated.
+	(getProvider(String)): Remove unnecessary else clause.
+	(getAlgorithm(String)): Use provs instead of providers
+	to avoid shadowing class variable.
+	(provides(Provider,String,String,String,String)): Set
+	serviceDotAlgorithm to the empty string to avoid null
+	pointer issues.
+	* java/security/SecurityPermission.java:
+	(SecurityPermission(String,String)): Suppress warning
+	due to nothing being done with actions.
+	* java/security/Signature.java:
+	(sign()): Remove unnecessary else clause.
+	(sign(byte[],int,int)): Likewise.
+	(verify(byte[])): Likewise.
+	(toString()): Mark @Override.
+	(setParameter(String,Object)): Add @Deprecated.
+	(getParameter(String)): Likewise.
+	(clone()): Add @Override.
+	* java/security/SignatureSpi.java:
+	(engineSetParameter(String,Object)): Add @Deprecated.
+	(engineSetParameter(AlgorithmParameterSpec)): Suppress
+	warnings about unused variables, unthrown exceptions and
+	ability to be a static method. Subclasses override this.
+	(engineGetParameters()): Suppress warnings about making
+	this method static.
+	(engineGetParameter(String)): Add @Deprecated.
+	* java/security/SignedObject.java:
+	(getSignature()): Remove unnecessary cast.
+	(readObject(ObjectInputStream)): Likewise x 2.
+	* java/security/Signer.java:
+	Mark as @Deprecated.
+	(toString()): Add @Override.
+	* java/security/UnresolvedPermission.java:
+	(getUnresolvedCerts()): Remove unnecessaary cast.
+	(UnresolvedPermissionCollection.elements()):
+	Add @Override to hasMoreElements and nextElement.
+	* java/security/acl/Acl.java:
+	(toString()): Add @Override.
+	* java/security/acl/AclEntry.java:
+	(setPrincipal(Principal)): Fix formatting of documentation.
+	(addPermission(Permission)): Likewise.
+	(removePermission(Permission)): Likewise.
+	(checkPermission(Permission)): Likewise.
+	(toString()): Add @Override.
+	* java/security/acl/Permission.java:
+	(equals(Object)): Add @Override.
+	(toString()): Likewise.
+	* java/security/cert/CRL.java:
+	(toString()): Add @Override.
+	* java/security/cert/CertPath.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(toString()): Likewise.
+	* java/security/cert/CertPathBuilderException.java:
+	(CertPathBuilderException(Throwable)): Just call
+	superclass constructor.
+	(CertPathBuilderException(String,Throwable)): Likewise.
+	(getMessage()): Removed; provided by superclass.
+	(getCause()): Likewise.
+	(toString()): Likewise.
+	(printStackTrace()): Likewise.
+	(printStackTrace(PrintStream)): Likewise.
+	(printStackTrace(PrintWriter)): Likewise.
+	* java/security/cert/CertPathValidatorException.java:
+	(CertPathValidatorException(String,Throwable)): Just call
+	superclass with both arguments, rather than initCause.
+	(getMessage()): Removed; provided by superclass.
+	(getCause()): Likewise.
+	(toString()): Likewise.
+	(printStackTrace()): Likewise.
+	(printStackTrace(PrintStream)): Likewise.
+	(printStackTrace(PrintWriter)): Likewise.
+	* java/security/cert/CertStoreException.java:
+	(CertStoreException(Throwable)): Just call superclass
+	constructor.
+	(CertStoreException(String,Throwable)): Likewise.
+	(getMessage()): Removed; provided by superclass.
+	(getCause()): Likewise.
+	(toString()): Likewise.
+	(printStackTrace()): Likewise.
+	(printStackTrace(PrintStream)): Likewise.
+	(printStackTrace(PrintWriter)): Likewise.
+	* java/security/cert/CertStoreSpi.java:
+	(CertStoreSpi(CertStoreParameters)): Suppress warnings
+	about exception not being thrown. Present for subclasses.
+	* java/security/cert/Certificate.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(toString()): Likewise.
+	* java/security/cert/CertificateFactorySpi.java:
+	(engineGenerateCertPath(InputStream)): Suppress warnings
+	about unused arguments, exceptions not being thrown and
+	method can be static. Provided for subclass implementations.
+	(engineGenerateCertPath(InputStream,String)): Likewise.
+	(engineGenerateCertPath(List)): Likewise.
+	(engineGetCertPathEncodings()): Likewise.
+	* java/security/cert/CollectionCertStoreParameters.java:
+	(toString()): Add @Override.
+	* java/security/cert/LDAPCertStoreParameters.java:
+	(clone()): Add @Override.
+	(toString()): Likewise.
+	* java/security/cert/PKIXBuilderParameters.java:
+	(toString()): Likewise.
+	* java/security/cert/PKIXCertPathBuilderResult.java:
+	(getCertPath()): Add @Override.
+	(toString()): Likewise.
+	* java/security/cert/PKIXCertPathChecker.java:
+	(clone()): Add @Override.
+	* java/security/cert/PKIXCertPathValidatorResult.java:
+	(clone()): Add @Override.
+	(toString()): Likewise.
+	* java/security/cert/PKIXParameters.java:
+	(clone()): Add @Overrride.
+	(toString()): Likewise.
+	* java/security/cert/PolicyQualifierInfo.java:
+	(PolicyQualifierInfo(byte[])): Remove unnecessary cast.
+	(getEncoded()): Likewise.
+	(toString()): Add @Override.
+	* java/security/cert/TrustAnchor.java:
+	(TrustAnchor(X509Certificate,byte[])): Remove unnecessary cast.
+	(TrustAnchor(String,PublicKey,byte[])): Document exceptions.
+	Catch IOException and throw as IllegalArgumentException.
+	Remove unnecessary casts.
+	(toString()): Add @Override.
+	* java/security/cert/X509CRL.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(getIssuerX500Principal()): Suppress warning about making this
+	static. Should be overridden by subclasses.
+	* java/security/cert/X509CRLEntry.java:
+	(equals(Object):: Add @Override.
+	(hashCode()): Likewise.
+	(toString()): Likewise.
+	* java/security/cert/X509CRLSelector.java:
+	Remove unneeded Cloneable reference.
+	(getIssuerNames()): Remove unneeded else block.
+	(toString()): Add @Override.
+	(match(CRL)): Likewise.
+	(clone()): LIkewise.
+	* java/security/cert/X509CertSelector.java:
+	Remove unneeded Cloneable reference.
+	(makeName(int,String)): Re-use earlier result of Kind.forTag(id).
+	Add default case.
+	(clone()): Add @Override.
+	(getAuthorityKeyIdentifier()): Remove unneeded else block
+	and cast.
+	(getCertificateValid()): Remove unneeded else block.
+	(getExtendedKeyUsage()): Likewise.
+	(getIssuerAsBytes()): Likewise.
+	(getIssuerAsString()): Likewise.
+	(getKeyUsage()): Likewise and remove unneeded cast.
+	(getNameConstraints()): Likewise.
+	(getPathToNames()): Explicitly convert int to Integer.
+	(getPrivateKeyValid()): Suppress static method warning.
+	Method is deliberately useless.
+	(getSubjectAlternativeNames()): Explicitly convert int to
+	Integer.
+	(getSubjectAsBytes()): Remove unneeded else block.
+	(getSubjectAsString()): Likewise.
+	(getSubjectKeyIdentifier()): Likewise and remove unneeded
+	cast.
+	(match(Certificate)): Add @Override. Rename cert to other
+	to avoid shadowing.
+	(setNameConstraints(byte[])): Remove unnecessary cast.
+	Suppress warnings about NameConstraints instance being unused.
+	(setPrivateKeyValid()): Suppress unused variable warning.
+	Method is deliberately useless.
+	(setSubjectPublicKey(PublicKey)): Remove unneeded cast.
+	(toString()): Add @Override.
+	* java/security/cert/X509Certificate.java:
+	(getExtendedKeyUsage()): Suppress unthrown exception warning
+	and static method suggestion. Overridden by subclasses.
+	(getSubjectAlternativeNames()): Likewise.
+	(getIssuerAlternativeNames()): Likewise.
+	(getSubjectX500Principal()): Suppress static method suggestion.
+	Overridden by subclasses.
+	(getIssuerX500Principal()): Likewise.
+	* java/security/spec/DSAParameterSpec.java:
+	(getP()): Add @Override.
+	(getQ()): Likewise.
+	(getG()): Likewise.
+	* java/security/spec/PKCS8EncodedKeySpec.java:
+	(getEncoded()): Add @Override.
+	(getFormat()): Likewise.
+	* java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java:
+	(RSAMultiPrimePrivateCrtKeySpec(BigInteger,BigInteger,BigInteger,
+	BigInteger,BigInteger,BigInteger,BigInteger,BigInteger,
+	RSAOtherPrimeInfo[])): Remove unneeded else block.
+	* java/security/spec/X509EncodedKeySpec.java:
+	(getEncoded()): Add @Override.
+	(getFormat()): Likewise.
+	* javax/security/auth/Policy.java:
+	Add @Deprecated.
+	* javax/security/auth/PrivateCredentialPermission.java:
+	Remove unneeded Serializable reference.
+	(equals(Object)): Add @Override. Rename principals to
+	thisPrincipals to avoid shadowing.
+	(getActions()): Add @Override.
+	(hashCode()): Likewise.
+	(implies(Permission)): Likewise. Rename principals to
+	thisPrincipals to avoid shadowing.
+	(newPermissionCollection()): Add @Override to method
+	and anonymous inner class implementations of equals(Object) &
+	hashCode().
+	* javax/security/auth/SubjectDomainCombiner.java:
+	(combine(ProtectionDomain[],ProtectionDomain[])): Add @Override.
+	* javax/security/auth/callback/ConfirmationCallback.java:
+	(setOptions(String[],int)): Move reference to options.length to
+	after options null check.
+	* javax/security/auth/kerberos/KerberosKey.java:
+	Remove unneeded Serializable reference.
+	(getAlgorithm()): Add @Override.
+	(getFormat()): Likewise.
+	(getEncoded()): Likewise and remove unnecessary cast.
+	(destroy()): Add @Override.
+	(isDestroyed()): Likewise.
+	(toString()): Likewise.
+	* javax/security/auth/kerberos/KerberosPrincipal.java:
+	(getName()): Add @Override.
+	(hashCode()): Likewise.
+	(equals(Object)): Likewise.
+	(toString()): Likewise.
+	* javax/security/auth/kerberos/KerberosTicket.java:
+	(asn1Encoding): Remove @SuppressWarnings.
+	(KerberosTicket(byte[],KerberosPrincipal,KerberosPrincipal,
+	byte[],int,boolean[],Date,Date,Date,Date,InetAddress[])):
+	Remove unnecessary cast. Remove duplicate assignment to flags.
+	(destroy()): Add @Override.
+	(isDestroyed()): Likewise.
+	(isCurrent()): Likewise.
+	(refresh()): Likewise.
+	(getFlags()): Remove unnecessary cast.
+	(getEncoded()): Likewise.
+	(toString()): Add @Override.
+	* javax/security/auth/kerberos/KeyImpl.java:
+	Remove unneeded Serializable reference.
+	(KeyImpl(byte[],int)): Remove unnecessary cast.
+	(getAlgorithm()): Add @Override.
+	(getEncoded()): Likewise.
+	(getFormat()): Likewise.
+	(toString()): Likewise.
+	* javax/security/auth/login/AppConfigurationEntry.java:
+	(toString()): Add @Override.
+	(LoginModuleControlFlag.toString()): Likewise.
+	* javax/security/auth/login/Configuration.java:
+	(getConfig()): Use GetSecurityPropertyAction rather than
+	a bespoke PrivilegedAction implementation.
+	* javax/security/auth/login/LoginContext.java:
+	(LoginContext(String,Subject,CallbackHandler,Configuration)):
+	Rename entries to appEntries to avoid shadowing.
+	(lookupModule(AppConfigurationEntry,Subject,Map)): Rename
+	subject to subj to avoid shadowing. Check module is null
+	rather than cause is non-null.
+	* javax/security/auth/login/NullConfiguration.java:
+	(getAppConfigurationEntry(String)): Add @Override.
+	(refresh()): Likewise.
+	* javax/security/auth/x500/X500Principal.java:
+	(hashCode()): Add @Override.
+	(equals(Object)): Likewise.
+	(getEncoded()): Remove unnecessary cast.
+	(getName()): Add @Override.
+	(toString()): Likewise.
+	(readAttributeType(Reader)): Make static.
+	(parseDer(InputStream)): Rename encoded to encodedStream to
+	avoid shadowing.
+	* javax/security/auth/x500/X500PrivateCredential.java:
+	(destroy()): Add @Override.
+	(isDestroyed()): Likewise.
+	* javax/security/cert/Certificate.java:
+	(equals(Object)): Add @Override.
+	(hashCode()): Likewise.
+	(toString()): Likewise.
+	* javax/security/cert/X509CertBridge.java:
+	(getEncoded()): Add @Override.
+	(verify(PublicKey)): Likewise.
+	(verify(PublicKey,String)): Likewise.
+	(toString()): Likewise.
+	(getPublicKey()): Likewise.
+	(checkValidity()): Likewise.
+	(checkValidity(Date)): Likewise.
+	(getVersion()): Likewise.
+	(getSerialNumber()): Likewise.
+	(getIssuerDN()): Likewise.
+	(getSubjectDN()): Likewise.
+	(getNotBefore()): Likewise.
+	(getNotAfter()): Likewise.
+	(getSigAlgName()): Likewise.
+	(getSigAlgOID()): Likewise.
+	(getSigAlgParams()): Likewise.
+	* javax/security/sasl/Sasl.java:
+	(createSaslClient(String[],String,String,String,Map,CallbackHandler)):
+	Remove unnecessary else clause and pointless result assignment.
+	(createSaslServer(String,String,String,Map,CallbackHandler)): Likewise.
+	* javax/security/sasl/SaslException.java:
+	Remove unneeded Serializable reference.
+	(SaslException(String,Throwable)): Add cause to superclass call.
+	(getCause()): Add @Override.
+	(printStackTrace()): Removed; provided by superclass.
+	(printStackTrace(PrintStream)): Likewise.
+	(printStackTrace(PrintWriter)): Likewise.
+	(initCause(Throwable)): Call superclass version, then sync the
+	local copy.
+	(toString()): Add @Override.
+
 2015-02-02  Andrew John Hughes  <gnu_andrew@member.fsf.org>
 
 	PR classpath/64902
diff --git a/configure.ac b/configure.ac
index 2a4177893..547ca1dcc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -872,7 +872,7 @@ AC_ARG_ENABLE([warnings],
 AC_MSG_RESULT(${WARNINGS})
 if test "x$WARNINGS" = "xtrue"; then
   JAVAC_WARNINGS="-Xlint:unchecked,cast,divzero,empty,finally,overrides"
-  ECJ_WARNINGS="-warn:+all -warn:-deprecation,emptyBlock,nls,resource,serial,unavoidableGenericProblems,unqualifiedField,unusedPrivate"
+  ECJ_WARNINGS="-warn:+all -warn:-deprecation,emptyBlock,nls,resource,serial,unavoidableGenericProblems,unqualifiedField,unusedPrivate,paramAssign,super,boxing"
   AC_SUBST(JAVAC_WARNINGS)
   AC_SUBST(ECJ_WARNINGS)
 else
diff --git a/gnu/java/security/OID.java b/gnu/java/security/OID.java
index c6b977e00..2a5355490 100644
--- a/gnu/java/security/OID.java
+++ b/gnu/java/security/OID.java
@@ -1,5 +1,5 @@
 /* OID.java -- numeric representation of an object identifier
-   Copyright (C) 2003, 2004, 2005, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2005, 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -125,7 +125,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
   {
     if (components == null || components.length == 0)
       throw new IllegalArgumentException();
-    this.components = (int[]) components.clone();
+    this.components = components.clone();
     this.relative = relative;
   }
 
@@ -221,7 +221,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    */
   public OID(byte[] encoded, boolean relative) throws IOException
   {
-    der = (byte[]) encoded.clone();
+    der = encoded.clone();
     this.relative = relative;
     try
       {
@@ -245,7 +245,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    */
   public int[] getIDs()
   {
-    return (int[]) components.clone();
+    return components.clone();
   }
 
   /**
@@ -269,7 +269,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
           encodeSubID(bout, components[i]);
         der = bout.toByteArray();
       }
-    return (byte[]) der.clone();
+    return der.clone();
   }
 
   /**
@@ -321,6 +321,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *
    * @return The copy.
    */
+  @Override
   public Object clone()
   {
     try
@@ -355,21 +356,19 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *
    * @return The string representation.
    */
+  @Override
   public String toString()
   {
     if (strRep != null)
       return strRep;
-    else
+    CPStringBuilder buf = new CPStringBuilder();
+    for (int i = 0; i < components.length; i++)
       {
-        CPStringBuilder buf = new CPStringBuilder();
-        for (int i = 0; i < components.length; i++)
-          {
-            buf.append((long) components[i] & 0xFFFFFFFFL);
-            if (i < components.length - 1)
-              buf.append('.');
-          }
-        return (strRep = buf.toString());
+	buf.append(components[i] & 0xFFFFFFFFL);
+	if (i < components.length - 1)
+	  buf.append('.');
       }
+    return (strRep = buf.toString());
   }
 
   /**
@@ -377,6 +376,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *
    * @return The hash code.
    */
+  @Override
   public int hashCode()
   {
     int ret = 0;
@@ -390,6 +390,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *
    * @return Whether or not this OID equals the other.
    */
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof OID))
@@ -410,6 +411,7 @@ public class OID implements Cloneable, Comparable<OID>, java.io.Serializable
    *         argument.
    * @throws ClassCastException If <i>o</i> is not an OID.
    */
+  @Override
   public int compareTo(OID o)
   {
     if (equals(o))
diff --git a/gnu/java/security/PolicyFile.java b/gnu/java/security/PolicyFile.java
index 96957b0ed..ff066c29d 100644
--- a/gnu/java/security/PolicyFile.java
+++ b/gnu/java/security/PolicyFile.java
@@ -1,5 +1,5 @@
 /* PolicyFile.java -- policy file reader
-   Copyright (C) 2004, 2005, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -176,6 +176,7 @@ public final class PolicyFile extends Policy
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public PermissionCollection getPermissions(CodeSource codeSource)
   {
     Permissions perms = new Permissions();
@@ -201,6 +202,7 @@ public final class PolicyFile extends Policy
     return perms;
   }
 
+  @Override
   public void refresh()
   {
     cs2pc.clear();
@@ -213,6 +215,7 @@ public final class PolicyFile extends Policy
         AccessController.doPrivileged(
           new PrivilegedExceptionAction<Void>()
           {
+	    @Override
             public Void run() throws Exception
             {
               String allow = Security.getProperty ("policy.allowSystemProperty");
@@ -270,6 +273,7 @@ public final class PolicyFile extends Policy
       }
   }
 
+  @Override
   public String toString()
   {
     return super.toString() + " [ " + cs2pc.toString() + " ]";
@@ -290,6 +294,7 @@ public final class PolicyFile extends Policy
    * @throws IOException if an I/O error occurs, or if the policy file
    * cannot be parsed.
    */
+  @SuppressWarnings("null") // Exception is thrown if p == null
   private void parse(final URL url) throws IOException
   {
     logger.log (Component.POLICY, "reading policy file from {0}", url);
@@ -343,6 +348,7 @@ public final class PolicyFile extends Policy
             if (tok != ';')
               in.pushBack();
             continue;
+	  default: // do nothing
           }
         if (tok != StreamTokenizer.TT_WORD)
           {
@@ -376,7 +382,7 @@ public final class PolicyFile extends Policy
               }
             catch (Exception x)
               {
-                error(url, in, x.toString());
+                error(url, in, x);
               }
           }
         else if (in.sval.equalsIgnoreCase("grant"))
@@ -408,7 +414,7 @@ public final class PolicyFile extends Policy
                       }
                     catch (KeyStoreException kse)
                       {
-                        error(url, in, kse.toString());
+                        error(url, in, kse);
                       }
                   }
               }
@@ -436,7 +442,7 @@ public final class PolicyFile extends Policy
               }
             catch (MalformedURLException mue)
               {
-                error(url, in, mue.toString());
+                error(url, in, mue);
               }
             tok = in.nextToken();
             if (tok != ',')
@@ -463,8 +469,9 @@ public final class PolicyFile extends Policy
                   }
                 catch (Exception x)
                   {
-                    error(url, in, x.toString());
+                    error(url, in, x);
                   }
+		if (p == null) error(url, in, "Principal object not created");
                 for (Iterator<KeyStore> it = keystores.iterator(); it.hasNext(); )
                   {
                     KeyStore ks = it.next();
@@ -479,14 +486,14 @@ public final class PolicyFile extends Policy
                                 if (!(cert instanceof X509Certificate))
                                   continue;
                                 if (p.equals(((X509Certificate) cert).getSubjectDN()) ||
-                                    p.equals(((X509Certificate) cert).getSubjectX500Principal()))
+				    p.equals(((X509Certificate) cert).getSubjectX500Principal()))
                                   currentCerts.add(cert);
                               }
                           }
                       }
                     catch (KeyStoreException kse)
                       {
-                        error(url, in, kse.toString());
+                        error(url, in, kse);
                       }
                   }
               }
@@ -503,7 +510,7 @@ public final class PolicyFile extends Policy
                       }
                     catch (KeyStoreException kse)
                       {
-                        error(url, in, kse.toString());
+                        error(url, in, kse);
                       }
                   }
               }
@@ -535,7 +542,7 @@ public final class PolicyFile extends Policy
                 if (clazz == null)
                   {
                     currentPerms.add(new UnresolvedPermission(className,
-                      null, null, (Certificate[]) currentCerts.toArray(new Certificate[currentCerts.size()])));
+                      null, null, currentCerts.toArray(new Certificate[currentCerts.size()])));
                     continue;
                   }
                 try
@@ -544,7 +551,7 @@ public final class PolicyFile extends Policy
                   }
                 catch (Exception x)
                   {
-                    error(url, in, x.toString());
+                    error(url, in, x);
                   }
                 continue;
               }
@@ -557,7 +564,7 @@ public final class PolicyFile extends Policy
                 if (clazz == null)
                   {
                     currentPerms.add(new UnresolvedPermission(className,
-                      target, null, (Certificate[]) currentCerts.toArray(new Certificate[currentCerts.size()])));
+                      target, null, currentCerts.toArray(new Certificate[currentCerts.size()])));
                     continue;
                   }
                 try
@@ -569,7 +576,7 @@ public final class PolicyFile extends Policy
                   }
                 catch (Exception x)
                   {
-                    error(url, in, x.toString());
+                    error(url, in, x);
                   }
                 continue;
               }
@@ -589,7 +596,7 @@ public final class PolicyFile extends Policy
                   }
                 catch (Exception x)
                   {
-                    error(url, in, x.toString());
+                    error(url, in, x);
                   }
                 in.pushBack();
                 continue;
@@ -603,20 +610,17 @@ public final class PolicyFile extends Policy
 		  target, action, (currentCerts.toArray(new Certificate[currentCerts.size()]))));
                 continue;
               }
-            else
-              {
-                try
-                  {
-                    Constructor<?> c = clazz.getConstructor(
-                      new Class[] { String.class, String.class });
-                    currentPerms.add((Permission) c.newInstance(
-                      new Object[] { target, action }));
-                  }
-                catch (Exception x)
-                  {
-                    error(url, in, x.toString());
-                  }
-              }
+	    try
+	      {
+		Constructor<?> c = clazz.getConstructor(
+                    new Class[] { String.class, String.class });
+		currentPerms.add((Permission) c.newInstance(
+                    new Object[] { target, action }));
+	      }
+	    catch (Exception x)
+	      {
+		error(url, in, x);
+	      }
             tok = in.nextToken();
             if (tok != ';' && tok != ',')
               error(url, in, "expecting ';' or ','");
@@ -631,7 +635,7 @@ public final class PolicyFile extends Policy
   private static String expand(final String s)
   {
     final CPStringBuilder result = new CPStringBuilder();
-    final CPStringBuilder prop = new CPStringBuilder();
+    final CPStringBuilder propBuf = new CPStringBuilder();
     int state = 0;
     for (int i = 0; i < s.length(); i++)
       {
@@ -655,32 +659,41 @@ public final class PolicyFile extends Policy
           case 2:
             if (s.charAt(i) == '}')
               {
-                String p = prop.toString();
+                String p = propBuf.toString();
                 if (p.equals("/"))
                   p = "file.separator";
                 p = System.getProperty(p);
                 if (p == null)
                   p = "";
                 result.append(p);
-                prop.setLength(0);
+                propBuf.setLength(0);
                 state = 0;
               }
             else
-              prop.append(s.charAt(i));
+              propBuf.append(s.charAt(i));
             break;
+	  default:
+	    // State is never set to anything else
           }
       }
     if (state != 0)
-      result.append('$').append('{').append(prop);
+      result.append('$').append('{').append(propBuf);
     return result.toString();
   }
 
   /**
    * I miss macros.
    */
+  private static void error(URL base, StreamTokenizer in, Throwable cause)
+    throws IOException
+  {
+    throw new IOException(base+":"+in.lineno()+": "+cause.toString(), cause);
+  }
+
   private static void error(URL base, StreamTokenizer in, String msg)
     throws IOException
   {
     throw new IOException(base+":"+in.lineno()+": "+msg);
   }
+
 }
diff --git a/gnu/java/security/Properties.java b/gnu/java/security/Properties.java
index 7a664fc74..2ecb87a06 100644
--- a/gnu/java/security/Properties.java
+++ b/gnu/java/security/Properties.java
@@ -1,5 +1,5 @@
 /* Properties.java -- run-time configuration properties.
-   Copyright (C) 2003, 2004, 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -312,14 +312,14 @@ public final class Properties
     handleBooleanProperty(CHECK_WEAK_KEYS);
     handleBooleanProperty(DO_RSA_BLINDING);
     // re-sync the 'known' properties
-    reproducible = Boolean.valueOf((String) props.get(REPRODUCIBLE_PRNG)).booleanValue();
-    checkForWeakKeys = Boolean.valueOf((String) props.get(CHECK_WEAK_KEYS)).booleanValue();
-    doRSABlinding = Boolean.valueOf((String) props.get(DO_RSA_BLINDING)).booleanValue();
+    reproducible = Boolean.valueOf(props.get(REPRODUCIBLE_PRNG)).booleanValue();
+    checkForWeakKeys = Boolean.valueOf(props.get(CHECK_WEAK_KEYS)).booleanValue();
+    doRSABlinding = Boolean.valueOf(props.get(DO_RSA_BLINDING)).booleanValue();
     // This does not change.
     props.put(VERSION, Registry.VERSION_STRING);
   }
 
-  private void handleBooleanProperty(final String name)
+  private static void handleBooleanProperty(final String name)
   {
     String s = null;
     try
diff --git a/gnu/java/security/action/GetPropertyAction.java b/gnu/java/security/action/GetPropertyAction.java
index 7295d8d5a..248bb32ec 100644
--- a/gnu/java/security/action/GetPropertyAction.java
+++ b/gnu/java/security/action/GetPropertyAction.java
@@ -1,5 +1,5 @@
 /* GetPropertyAction.java
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -68,6 +68,7 @@ public class GetPropertyAction implements PrivilegedAction<String>
     setParameters(propName, defaultValue);
   }
 
+  @Override
   public String run()
   {
     return System.getProperty(name, value);
diff --git a/gnu/java/security/action/GetSecurityPropertyAction.java b/gnu/java/security/action/GetSecurityPropertyAction.java
index ac928ca33..46484e9f8 100644
--- a/gnu/java/security/action/GetSecurityPropertyAction.java
+++ b/gnu/java/security/action/GetSecurityPropertyAction.java
@@ -1,5 +1,5 @@
 /* GetSecurityPropertyAction.java
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -83,6 +83,7 @@ public class GetSecurityPropertyAction implements PrivilegedAction<String>
     return this;
   }
 
+  @Override
   public String run()
   {
     String val = Security.getProperty(name);
diff --git a/gnu/java/security/ber/BERReader.java b/gnu/java/security/ber/BERReader.java
index 53a3f3ee9..bb653600d 100644
--- a/gnu/java/security/ber/BERReader.java
+++ b/gnu/java/security/ber/BERReader.java
@@ -1,5 +1,5 @@
 /* BERReader.java -- basic encoding rules (BER) reader.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,6 +73,7 @@ public class BERReader extends DERReader implements BER
     super(in);
   }
 
+  @Override
   public DERValue read() throws IOException
   {
     in.mark(2);
@@ -86,11 +87,8 @@ public class BERReader extends DERReader implements BER
           return END_OF_SEQUENCE;
         return new BERValue(tag, CONSTRUCTED_VALUE, new byte[] { (byte) tag, 0 });
       }
-    else
-      {
-        in.reset();
-        return super.read();
-      }
+    in.reset();
+    return super.read();
   }
 
   public int peek() throws IOException
diff --git a/gnu/java/security/ber/BERValue.java b/gnu/java/security/ber/BERValue.java
index aeaef39bf..b9acd222d 100644
--- a/gnu/java/security/ber/BERValue.java
+++ b/gnu/java/security/ber/BERValue.java
@@ -1,5 +1,5 @@
 /* BERReader.java -- basic encoding rules (BER) value.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,6 +73,7 @@ public class BERValue extends DERValue
     return indefinite;
   }
 
+  @Override
   public int getLength()
   {
     if (indefinite)
diff --git a/gnu/java/security/der/BitString.java b/gnu/java/security/der/BitString.java
index c7032ccfc..f44480385 100644
--- a/gnu/java/security/der/BitString.java
+++ b/gnu/java/security/der/BitString.java
@@ -1,5 +1,5 @@
 /* BitString.java -- Java representation of the BIT STRING type.
-   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -197,10 +197,10 @@ public class BitString implements Cloneable, Comparable<BitString>
   public byte[] toByteArray()
   {
     if (ignoredBits == 0)
-      return (byte[]) bytes.clone();
+      return bytes.clone();
     if (externBytes == null)
       externBytes = new BigInteger(bytes).shiftRight(ignoredBits).toByteArray();
-    return (byte[]) externBytes.clone();
+    return externBytes.clone();
   }
 
   /**
@@ -212,7 +212,7 @@ public class BitString implements Cloneable, Comparable<BitString>
    */
   public byte[] getShiftedByteArray()
   {
-    return (byte[]) bytes.clone();
+    return bytes.clone();
   }
 
   /**
@@ -258,9 +258,10 @@ public class BitString implements Cloneable, Comparable<BitString>
               }
           }
       }
-    return (boolean[]) boolVal.clone();
+    return boolVal.clone();
   }
 
+  @Override
   public Object clone()
   {
     try
@@ -288,6 +289,7 @@ public class BitString implements Cloneable, Comparable<BitString>
     return 0; // not reached.
   }
 
+  @Override
   public int hashCode()
   {
     int result = 0;
@@ -301,6 +303,7 @@ public class BitString implements Cloneable, Comparable<BitString>
     return result;
   }
 
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof BitString))
@@ -314,6 +317,7 @@ public class BitString implements Cloneable, Comparable<BitString>
     return false;
   }
 
+  @Override
   public String toString()
   {
     CPStringBuilder sb = new CPStringBuilder();
diff --git a/gnu/java/security/der/DERReader.java b/gnu/java/security/der/DERReader.java
index cd552c8be..b061a27e2 100644
--- a/gnu/java/security/der/DERReader.java
+++ b/gnu/java/security/der/DERReader.java
@@ -1,5 +1,5 @@
 /* DERReader.java -- parses ASN.1 DER sequences
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -346,7 +346,7 @@ public class DERReader implements DER
     return str.toString();
   }
 
-  private Date makeTime(int tag, byte[] value) throws IOException
+  private static Date makeTime(int tag, byte[] value) throws IOException
   {
     Calendar calendar = Calendar.getInstance();
     String str = makeString(PRINTABLE_STRING, value);
@@ -415,18 +415,23 @@ public class DERReader implements DER
               Integer.parseInt(date.substring(8, 10)), 0); // hour, min
             switch (date.length())
               {
-                case 19:
+	        case 19:
                 case 18:
                 case 17:
                 case 16:
                   calendar.set(Calendar.MILLISECOND,
                     Integer.parseInt(date.substring(15)));
+		  //$FALL-THROUGH$
                 case 14:
                   calendar.set(Calendar.SECOND,
                     Integer.parseInt(date.substring(12, 14)));
+		  //$FALL-THROUGH$
                 case 12:
                   calendar.set(Calendar.MINUTE,
                     Integer.parseInt(date.substring(10, 12)));
+		  break;
+	        default: // length of 15, 13 or 11
+		  throw new DEREncodingException("cannot parse date"); 
               }
           }
         catch (NumberFormatException nfe)
diff --git a/gnu/java/security/der/DERValue.java b/gnu/java/security/der/DERValue.java
index 2cbe34573..1cc6d4e39 100644
--- a/gnu/java/security/der/DERValue.java
+++ b/gnu/java/security/der/DERValue.java
@@ -1,5 +1,5 @@
 /* DERValue.java -- a value read or written to a DER encoding.
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -67,7 +67,7 @@ public class DERValue implements DER
     this.length = length;
     this.value = value;
     if (encoded != null)
-      this.encoded = (byte[]) encoded.clone();
+      this.encoded = encoded.clone();
   }
 
   public DERValue(int tag, Object value)
@@ -125,9 +125,9 @@ public class DERValue implements DER
 
   public Object getValueAs (final int derType) throws IOException
   {
-    byte[] encoded = getEncoded ();
-    encoded[0] = (byte) derType;
-    return DERReader.read (encoded).getValue ();
+    byte[] enc = getEncoded();
+    enc[0] = (byte) derType;
+    return DERReader.read(enc).getValue();
   }
 
   public byte[] getEncoded()
@@ -147,7 +147,7 @@ public class DERValue implements DER
             throw iae;
           }
       }
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
   public int getEncodedLength()
@@ -170,6 +170,7 @@ public class DERValue implements DER
     return encoded.length;
   }
 
+  @Override
   public String toString()
   {
     String start = "DERValue ( [";
diff --git a/gnu/java/security/hash/BaseHash.java b/gnu/java/security/hash/BaseHash.java
index bab930f28..ab41b7175 100644
--- a/gnu/java/security/hash/BaseHash.java
+++ b/gnu/java/security/hash/BaseHash.java
@@ -1,5 +1,5 @@
 /* BaseHash.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -78,21 +78,25 @@ public abstract class BaseHash
     resetContext();
   }
 
+  @Override
   public String name()
   {
     return name;
   }
-
+  
+  @Override
   public int hashSize()
   {
     return hashSize;
   }
 
+  @Override
   public int blockSize()
   {
     return blockSize;
   }
 
+  @Override
   public void update(byte b)
   {
     // compute number of bytes still unhashed; ie. present in buffer
@@ -103,11 +107,13 @@ public abstract class BaseHash
       transform(buffer, 0);
   }
 
+  @Override
   public void update(byte[] b)
   {
     update(b, 0, b.length);
   }
 
+  @Override
   public void update(byte[] b, int offset, int len)
   {
     int n = (int) (count % blockSize);
@@ -128,7 +134,8 @@ public abstract class BaseHash
     if (i < len)
       System.arraycopy(b, offset + i, buffer, n, len - i);
   }
-
+  
+  @Override
   public byte[] digest()
   {
     byte[] tail = padBuffer(); // pad remaining bytes in buffer
@@ -140,6 +147,7 @@ public abstract class BaseHash
     return result;
   }
 
+  @Override
   public void reset()
   { // reset this instance for future re-use
     count = 0L;
@@ -149,8 +157,10 @@ public abstract class BaseHash
     resetContext();
   }
 
+  @Override
   public abstract Object clone();
 
+  @Override
   public abstract boolean selfTest();
 
   /**
diff --git a/gnu/java/security/hash/Haval.java b/gnu/java/security/hash/Haval.java
index 15c303934..0d6635da1 100644
--- a/gnu/java/security/hash/Haval.java
+++ b/gnu/java/security/hash/Haval.java
@@ -1,5 +1,5 @@
 /* Haval.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -176,14 +176,16 @@ public class Haval
     this.h6 = md.h6;
     this.h7 = md.h7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new Haval(this);
   }
 
+  @Override
   protected synchronized void transform(byte[] in, int i)
   {
     int X0 = (in[i++] & 0xFF)
@@ -511,6 +513,7 @@ public class Haval
     h0 += t0;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     // pad out to 118 mod 128. other 10 bytes have special use.
@@ -540,6 +543,7 @@ public class Haval
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     tailorDigestBits(); // tailor context for the designated output size
@@ -592,6 +596,7 @@ public class Haval
     return result;
   }
 
+  @Override
   protected void resetContext()
   {
     h0 = 0x243F6A88;
@@ -604,6 +609,7 @@ public class Haval
     h7 = 0xEC4E6C89;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
@@ -676,6 +682,9 @@ public class Haval
         h4 += ((h7 >>>  9) & 0x0F);
         h5 += ((h7 >>>  4) & 0x1F);
         h6 +=  (h7         & 0x0F);
+	break;
+      default:
+	// do nothing
       }
   }
 
@@ -772,35 +781,35 @@ public class Haval
     return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c;
   }
 
-  private int FF5(int x7, int x6, int x5, int x4, int x3, int x2, int x1,
-                  int x0, int w, int c)
+  private static int FF5(int x7, int x6, int x5, int x4, int x3, int x2, int x1,
+			 int x0, int w, int c)
   {
     int t = f5(x2, x5, x0, x6, x4, x3, x1);
     return (t >>> 7 | t << 25) + (x7 >>> 11 | x7 << 21) + w + c;
   }
 
-  private int f1(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f1(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x1 & (x0 ^ x4) ^ x2 & x5 ^ x3 & x6 ^ x0;
   }
 
-  private int f2(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f2(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x2 & (x1 & ~x3 ^ x4 & x5 ^ x6 ^ x0) ^ x4 & (x1 ^ x5) ^ x3 & x5 ^ x0;
   }
 
-  private int f3(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f3(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x3 & (x1 & x2 ^ x6 ^ x0) ^ x1 & x4 ^ x2 & x5 ^ x0;
   }
 
-  private int f4(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f4(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x4 & (x5 & ~x2 ^ x3 & ~x6 ^ x1 ^ x6 ^ x0) ^ x3
            & (x1 & x2 ^ x5 ^ x6) ^ x2 & x6 ^ x0;
   }
 
-  private int f5(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
+  private static int f5(int x6, int x5, int x4, int x3, int x2, int x1, int x0)
   {
     return x0 & (x1 & x2 & x3 ^ ~x5) ^ x1 & x4 ^ x2 & x5 ^ x3 & x6;
   }
diff --git a/gnu/java/security/hash/MD2.java b/gnu/java/security/hash/MD2.java
index d78af93fa..7f84dd542 100644
--- a/gnu/java/security/hash/MD2.java
+++ b/gnu/java/security/hash/MD2.java
@@ -1,5 +1,5 @@
 /* MD2.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -132,17 +132,19 @@ public class MD2
 
     // superclass field
     this.count = md2.count;
-    this.buffer = (byte[]) md2.buffer.clone();
+    this.buffer = md2.buffer.clone();
     // private field
-    this.checksum = (byte[]) md2.checksum.clone();
-    this.work = (byte[]) md2.work.clone();
+    this.checksum = md2.checksum.clone();
+    this.work = md2.work.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new MD2(this);
   }
 
+  @Override
   protected byte[] getResult()
   {
     byte[] result = new byte[DIGEST_LENGTH];
@@ -154,12 +156,14 @@ public class MD2
     return result;
   }
 
+  @Override
   protected void resetContext()
   {
     checksum = new byte[BLOCK_LENGTH];
     work = new byte[BLOCK_LENGTH * 3];
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
@@ -180,6 +184,7 @@ public class MD2
    * @return the bytes to pad the remaining bytes in the buffer before
    * completing a hash operation.
    */
+  @Override
   protected byte[] padBuffer()
   {
     int length = BLOCK_LENGTH - (int) (count % BLOCK_LENGTH);
@@ -199,6 +204,7 @@ public class MD2
    * @param in the byte array to take the <code>BLOCK_LENGTH</code> bytes from.
    * @param off the offset to start from in the given byte array.
    */
+  @Override
   protected void transform(byte[] in, int off)
   {
     updateCheckSumAndEncryptBlock(in, off);
diff --git a/gnu/java/security/hash/MD4.java b/gnu/java/security/hash/MD4.java
index e6ac11bc8..c01c938e8 100644
--- a/gnu/java/security/hash/MD4.java
+++ b/gnu/java/security/hash/MD4.java
@@ -1,5 +1,5 @@
 /* MD4.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -105,14 +105,16 @@ public class MD4
     this.c = that.c;
     this.d = that.d;
     this.count = that.count;
-    this.buffer = (byte[]) that.buffer.clone();
+    this.buffer = that.buffer.clone();
   }
-
+  
+  @Override
   public Object clone()
   {
     return new MD4(this);
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -122,6 +124,7 @@ public class MD4
         (byte) d, (byte)(d >>> 8), (byte)(d >>> 16), (byte)(d >>> 24) };
   }
 
+  @Override
   protected void resetContext()
   {
     a = A;
@@ -130,16 +133,18 @@ public class MD4
     d = D;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
       {
-        String d = Util.toString(new MD4().digest());
-        valid = Boolean.valueOf(DIGEST0.equals(d));
+        String digest = Util.toString(new MD4().digest());
+        valid = Boolean.valueOf(DIGEST0.equals(digest));
       }
     return valid.booleanValue();
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_LENGTH);
@@ -158,6 +163,7 @@ public class MD4
     return pad;
   }
 
+  @Override
   protected void transform(byte[] in, int i)
   {
     int X0 = (in[i++] & 0xFF)
diff --git a/gnu/java/security/hash/MD5.java b/gnu/java/security/hash/MD5.java
index dfffd3c80..045ccf04e 100644
--- a/gnu/java/security/hash/MD5.java
+++ b/gnu/java/security/hash/MD5.java
@@ -1,5 +1,5 @@
 /* MD5.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -88,14 +88,16 @@ public class MD5
     this.h2 = md.h2;
     this.h3 = md.h3;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new MD5(this);
   }
 
+  @Override
   protected synchronized void transform(byte[] in, int i)
   {
     int X0 = (in[i++] & 0xFF)
@@ -321,6 +323,7 @@ public class MD5
     h3 += D;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -341,6 +344,7 @@ public class MD5
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -350,6 +354,7 @@ public class MD5
         (byte) h3, (byte)(h3 >>> 8), (byte)(h3 >>> 16), (byte)(h3 >>> 24) };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic MD5/RIPEMD128 initialisation constants
@@ -359,6 +364,7 @@ public class MD5
     h3 = 0x10325476;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/RipeMD128.java b/gnu/java/security/hash/RipeMD128.java
index bd0adc5e0..9751ed707 100644
--- a/gnu/java/security/hash/RipeMD128.java
+++ b/gnu/java/security/hash/RipeMD128.java
@@ -1,5 +1,5 @@
 /* RipeMD128.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -114,14 +114,16 @@ public class RipeMD128
     this.h2 = md.h2;
     this.h3 = md.h3;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new RipeMD128(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     int A, B, C, D, Ap, Bp, Cp, Dp, T, s, i;
@@ -206,6 +208,7 @@ public class RipeMD128
     h0 = T;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -226,6 +229,7 @@ public class RipeMD128
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -236,6 +240,7 @@ public class RipeMD128
     };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic RIPEMD128 initialisation constants
@@ -245,6 +250,7 @@ public class RipeMD128
     h3 = 0x10325476;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/RipeMD160.java b/gnu/java/security/hash/RipeMD160.java
index 795f5a4b0..ea503c79f 100644
--- a/gnu/java/security/hash/RipeMD160.java
+++ b/gnu/java/security/hash/RipeMD160.java
@@ -1,5 +1,5 @@
 /* RipeMD160.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -118,14 +118,16 @@ public class RipeMD160
     this.h3 = md.h3;
     this.h4 = md.h4;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return (new RipeMD160(this));
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     int A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, T, s, i;
@@ -238,6 +240,7 @@ public class RipeMD160
     h0 = T;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -258,6 +261,7 @@ public class RipeMD160
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -269,6 +273,7 @@ public class RipeMD160
     };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic RIPEMD160 initialisation constants
@@ -279,6 +284,7 @@ public class RipeMD160
     h4 = 0xC3D2E1F0;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Sha160.java b/gnu/java/security/hash/Sha160.java
index 88bf0e405..981a36db1 100644
--- a/gnu/java/security/hash/Sha160.java
+++ b/gnu/java/security/hash/Sha160.java
@@ -1,5 +1,5 @@
 /* Sha160.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -102,7 +102,7 @@ public class Sha160
     this.h3 = md.h3;
     this.h4 = md.h4;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
   public static final int[] G(int hh0, int hh1, int hh2, int hh3, int hh4,
@@ -111,11 +111,13 @@ public class Sha160
     return sha(hh0, hh1, hh2, hh3, hh4, in, offset);
   }
 
+  @Override
   public Object clone()
   {
     return new Sha160(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     int[] result = sha(h0, h1, h2, h3, h4, in, offset);
@@ -126,6 +128,7 @@ public class Sha160
     h4 = result[4];
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -146,6 +149,7 @@ public class Sha160
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -156,6 +160,7 @@ public class Sha160
         (byte)(h4 >>> 24), (byte)(h4 >>> 16), (byte)(h4 >>> 8), (byte) h4 };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic SHA-1/RIPEMD160 initialisation constants
@@ -166,6 +171,7 @@ public class Sha160
     h4 = 0xC3D2E1F0;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Sha256.java b/gnu/java/security/hash/Sha256.java
index 76e28d4e0..b411851ac 100644
--- a/gnu/java/security/hash/Sha256.java
+++ b/gnu/java/security/hash/Sha256.java
@@ -1,5 +1,5 @@
 /* Sha256.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -110,7 +110,7 @@ public class Sha256
     this.h6 = md.h6;
     this.h7 = md.h7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
   public static final int[] G(int hh0, int hh1, int hh2, int hh3, int hh4,
@@ -118,12 +118,14 @@ public class Sha256
   {
     return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset);
   }
-
+  
+  @Override
   public Object clone()
   {
     return new Sha256(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     int[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset);
@@ -137,6 +139,7 @@ public class Sha256
     h7 = result[7];
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -157,6 +160,7 @@ public class Sha256
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -170,6 +174,7 @@ public class Sha256
         (byte)(h7 >>> 24), (byte)(h7 >>> 16), (byte)(h7 >>> 8), (byte) h7 };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic SHA-256 initialisation constants
@@ -183,6 +188,7 @@ public class Sha256
     h7 = 0x5be0cd19;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Sha384.java b/gnu/java/security/hash/Sha384.java
index 5fea4f3b1..4fb3d6b0f 100644
--- a/gnu/java/security/hash/Sha384.java
+++ b/gnu/java/security/hash/Sha384.java
@@ -1,5 +1,5 @@
 /* Sha384.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -121,7 +121,7 @@ public class Sha384
     this.h6 = md.h6;
     this.h7 = md.h7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
   public static final long[] G(long hh0, long hh1, long hh2, long hh3,
@@ -131,11 +131,13 @@ public class Sha384
     return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset);
   }
 
+  @Override
   public Object clone()
   {
     return new Sha384(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     long[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset);
@@ -149,6 +151,7 @@ public class Sha384
     h7 = result[7];
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -171,6 +174,7 @@ public class Sha384
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -188,6 +192,7 @@ public class Sha384
         (byte)(h5 >>> 24), (byte)(h5 >>> 16), (byte)(h5 >>>  8), (byte) h5 };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic SHA-384 initialisation constants
@@ -201,6 +206,7 @@ public class Sha384
     h7 = 0x47b5481dbefa4fa4L;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Sha512.java b/gnu/java/security/hash/Sha512.java
index 17c4323fa..65c486737 100644
--- a/gnu/java/security/hash/Sha512.java
+++ b/gnu/java/security/hash/Sha512.java
@@ -1,5 +1,5 @@
 /* Sha512.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -121,7 +121,7 @@ public class Sha512
     this.h6 = md.h6;
     this.h7 = md.h7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
   public static final long[] G(long hh0, long hh1, long hh2, long hh3,
@@ -131,11 +131,13 @@ public class Sha512
     return sha(hh0, hh1, hh2, hh3, hh4, hh5, hh6, hh7, in, offset);
   }
 
+  @Override
   public Object clone()
   {
     return new Sha512(this);
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     long[] result = sha(h0, h1, h2, h3, h4, h5, h6, h7, in, offset);
@@ -149,6 +151,7 @@ public class Sha512
     h7 = result[7];
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -171,6 +174,7 @@ public class Sha512
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -192,6 +196,7 @@ public class Sha512
         (byte)(h7 >>> 24), (byte)(h7 >>> 16), (byte)(h7 >>>  8), (byte) h7 };
   }
 
+  @Override
   protected void resetContext()
   {
     // magic SHA-512 initialisation constants
@@ -205,6 +210,7 @@ public class Sha512
     h7 = 0x5be0cd19137e2179L;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/hash/Tiger.java b/gnu/java/security/hash/Tiger.java
index d2993db9f..d62cf7ba1 100644
--- a/gnu/java/security/hash/Tiger.java
+++ b/gnu/java/security/hash/Tiger.java
@@ -1,5 +1,5 @@
 /* Tiger.java --
-   Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -456,14 +456,16 @@ public class Tiger
     this.b = that.b;
     this.c = that.c;
     this.count = that.count;
-    this.buffer = (that.buffer != null) ? (byte[]) that.buffer.clone() : null;
+    this.buffer = (that.buffer != null) ? that.buffer.clone() : null;
   }
 
+  @Override
   public Object clone()
   {
     return new Tiger(this);
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
@@ -474,6 +476,7 @@ public class Tiger
     return valid.booleanValue();
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     int n = (int)(count % BLOCK_SIZE);
@@ -492,6 +495,7 @@ public class Tiger
     return pad;
   }
 
+  @Override
   protected byte[] getResult()
   {
     return new byte[] {
@@ -503,6 +507,7 @@ public class Tiger
         (byte)(c >>> 32), (byte)(c >>> 40), (byte)(c >>> 48), (byte)(c >>> 56) };
   }
 
+  @Override
   protected void resetContext()
   {
     a = A;
@@ -510,6 +515,7 @@ public class Tiger
     c = C;
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     long x0, x1, x2, x3, x4, x5, x6, x7;
diff --git a/gnu/java/security/hash/Whirlpool.java b/gnu/java/security/hash/Whirlpool.java
index bb1174e2e..720f17f06 100644
--- a/gnu/java/security/hash/Whirlpool.java
+++ b/gnu/java/security/hash/Whirlpool.java
@@ -1,5 +1,5 @@
 /* Whirlpool.java --
-   Copyright (C) 2001, 2002, 2006, 2010, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2010, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -284,14 +284,16 @@ public final class Whirlpool
     this.H6 = md.H6;
     this.H7 = md.H7;
     this.count = md.count;
-    this.buffer = (byte[]) md.buffer.clone();
+    this.buffer = md.buffer.clone();
   }
 
+  @Override
   public Object clone()
   {
     return (new Whirlpool(this));
   }
 
+  @Override
   protected void transform(byte[] in, int offset)
   {
     // apply mu to the input
@@ -539,6 +541,7 @@ public final class Whirlpool
     H7 ^= w7 ^ n7;
   }
 
+  @Override
   protected byte[] padBuffer()
   {
     // [WHIRLPOOL] p. 6:
@@ -569,6 +572,7 @@ public final class Whirlpool
     return result;
   }
 
+  @Override
   protected byte[] getResult()
   {
     // apply inverse mu to the context
@@ -592,11 +596,13 @@ public final class Whirlpool
 
   }
 
+  @Override
   protected void resetContext()
   {
     H0 = H1 = H2 = H3 = H4 = H5 = H6 = H7 = 0L;
   }
 
+  @Override
   public boolean selfTest()
   {
     if (valid == null)
diff --git a/gnu/java/security/jce/hash/MessageDigestAdapter.java b/gnu/java/security/jce/hash/MessageDigestAdapter.java
index 2651ecf92..d0947b86f 100644
--- a/gnu/java/security/jce/hash/MessageDigestAdapter.java
+++ b/gnu/java/security/jce/hash/MessageDigestAdapter.java
@@ -1,5 +1,5 @@
 /* MessageDigestAdapter.java --
-   Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -89,31 +89,37 @@ class MessageDigestAdapter
     this.adaptee = adaptee;
   }
 
+  @Override
   public Object clone()
   {
     return new MessageDigestAdapter((IMessageDigest) adaptee.clone());
   }
 
+  @Override
   public int engineGetDigestLength()
   {
     return adaptee.hashSize();
   }
-
+  
+  @Override
   public void engineUpdate(byte input)
   {
     adaptee.update(input);
   }
 
+  @Override
   public void engineUpdate(byte[] input, int offset, int len)
   {
     adaptee.update(input, offset, len);
   }
 
+  @Override
   public byte[] engineDigest()
   {
     return adaptee.digest();
   }
 
+  @Override
   public int engineDigest(byte[] buf, int offset, int len)
       throws DigestException
   {
@@ -126,6 +132,7 @@ class MessageDigestAdapter
     return result;
   }
 
+  @Override
   public void engineReset()
   {
     adaptee.reset();
diff --git a/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java b/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
index 971cffe92..9ab5a53f7 100644
--- a/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
+++ b/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
@@ -1,5 +1,5 @@
 /* DSSKeyPairGeneratorSpi.java --
-   Copyright 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -67,11 +67,13 @@ public class DSSKeyPairGeneratorSpi
     super(Registry.DSS_KPG);
   }
 
+  @Override
   public void initialize(int keysize, SecureRandom random)
   {
     this.initialize(keysize, false, random);
   }
 
+  @Override
   public void initialize(AlgorithmParameterSpec params, SecureRandom random)
       throws InvalidAlgorithmParameterException
   {
diff --git a/gnu/java/security/jce/sig/DSSParametersGenerator.java b/gnu/java/security/jce/sig/DSSParametersGenerator.java
index 09c138610..cad1fb380 100644
--- a/gnu/java/security/jce/sig/DSSParametersGenerator.java
+++ b/gnu/java/security/jce/sig/DSSParametersGenerator.java
@@ -1,5 +1,5 @@
 /* DSSParametersGenerator.java -- JCE Adapter for a generator of DSS parameters
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,7 +73,7 @@ public class DSSParametersGenerator
   private FIPS186 fips;
 
   // default 0-arguments constructor
-
+  @Override
   protected void engineInit(int size, SecureRandom random)
   {
     if ((size % 64) != 0 || size < 512 || size > 1024)
@@ -85,6 +85,7 @@ public class DSSParametersGenerator
     this.rnd = random;
   }
 
+  @Override
   protected void engineInit(AlgorithmParameterSpec spec, SecureRandom random)
       throws InvalidAlgorithmParameterException
   {
@@ -97,6 +98,7 @@ public class DSSParametersGenerator
     this.engineInit(size, random);
   }
 
+  @Override
   protected AlgorithmParameters engineGenerateParameters()
   {
     if (modulusLength < 1)
diff --git a/gnu/java/security/jce/sig/EncodedKeyFactory.java b/gnu/java/security/jce/sig/EncodedKeyFactory.java
index df8bb14b1..9f866fa07 100644
--- a/gnu/java/security/jce/sig/EncodedKeyFactory.java
+++ b/gnu/java/security/jce/sig/EncodedKeyFactory.java
@@ -1,5 +1,5 @@
 /* EncodedKeyFactory.java -- JCE Encoded key factory Adapter
-   Copyright (C) 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -305,7 +305,7 @@ public class EncodedKeyFactory
    * @return an instance of {@link DSSPublicKey} constructed from the
    *         information in the designated key-specification.
    */
-  private DSSPublicKey decodeDSSPublicKey(DSAPublicKeySpec spec)
+  private static DSSPublicKey decodeDSSPublicKey(DSAPublicKeySpec spec)
   {
     BigInteger p = spec.getP();
     BigInteger q = spec.getQ();
@@ -319,7 +319,7 @@ public class EncodedKeyFactory
    * @return an instance of {@link GnuRSAPublicKey} constructed from the
    *         information in the designated key-specification.
    */
-  private GnuRSAPublicKey decodeRSAPublicKey(RSAPublicKeySpec spec)
+  private static GnuRSAPublicKey decodeRSAPublicKey(RSAPublicKeySpec spec)
   {
     BigInteger n = spec.getModulus();
     BigInteger e = spec.getPublicExponent();
@@ -334,7 +334,7 @@ public class EncodedKeyFactory
    *           {@link DHPublicKey} interface exists at run-time, or if an
    *           exception occurs during its instantiation.
    */
-  private DHPublicKey decodeDHPublicKey(DHPublicKeySpec spec)
+  private static DHPublicKey decodeDHPublicKey(DHPublicKeySpec spec)
       throws InvalidKeySpecException
   {
     BigInteger p = spec.getP();
@@ -355,7 +355,7 @@ public class EncodedKeyFactory
    *           {@link DHPublicKey} interface exists at run-time, or if an
    *           exception occurs during its instantiation.
    */
-  private DHPublicKey decodeDHPublicKey(byte[] encoded)
+  private static DHPublicKey decodeDHPublicKey(byte[] encoded)
       throws InvalidKeySpecException
   {
     Object obj = invokeValueOf("gnu.javax.crypto.key.dh.GnuDHPublicKey",
@@ -368,7 +368,7 @@ public class EncodedKeyFactory
    * @return an instance of {@link DSSPrivateKey} constructed from the
    *         information in the designated key-specification.
    */
-  private PrivateKey decodeDSSPrivateKey(DSAPrivateKeySpec spec)
+  private static PrivateKey decodeDSSPrivateKey(DSAPrivateKeySpec spec)
   {
     BigInteger p = spec.getP();
     BigInteger q = spec.getQ();
@@ -382,7 +382,7 @@ public class EncodedKeyFactory
    * @return an instance of {@link GnuRSAPrivateKey} constructed from the
    *         information in the designated key-specification.
    */
-  private PrivateKey decodeRSAPrivateKey(RSAPrivateCrtKeySpec spec)
+  private static PrivateKey decodeRSAPrivateKey(RSAPrivateCrtKeySpec spec)
   {
     BigInteger n = spec.getModulus();
     BigInteger e = spec.getPublicExponent();
@@ -404,7 +404,7 @@ public class EncodedKeyFactory
    *           {@link DHPrivateKey} interface exists at run-time, or if an
    *           exception occurs during its instantiation.
    */
-  private DHPrivateKey decodeDHPrivateKey(DHPrivateKeySpec spec)
+  private static DHPrivateKey decodeDHPrivateKey(DHPrivateKeySpec spec)
       throws InvalidKeySpecException
   {
     BigInteger p = spec.getP();
@@ -425,7 +425,7 @@ public class EncodedKeyFactory
    *           {@link DHPrivateKey} interface exists at run-time, or if an
    *           exception occurs during its instantiation.
    */
-  private DHPrivateKey decodeDHPrivateKey(byte[] encoded)
+  private static DHPrivateKey decodeDHPrivateKey(byte[] encoded)
       throws InvalidKeySpecException
   {
     Object obj = invokeValueOf("gnu.javax.crypto.key.dh.GnuDHPrivateKey",
diff --git a/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java b/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
index cd612aaa5..8ad0c3d8b 100644
--- a/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
+++ b/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
@@ -83,12 +83,15 @@ public abstract class KeyPairGeneratorAdapter
     this.adaptee = KeyPairGeneratorFactory.getInstance(localiseName(kpgName));
   }
 
+  @Override
   public abstract void initialize(int keysize, SecureRandom random);
 
+  @Override
   public abstract void initialize(AlgorithmParameterSpec params,
                                   SecureRandom random)
       throws InvalidAlgorithmParameterException;
 
+  @Override
   public KeyPair generateKeyPair()
   {
     if (!adaptee.isInitialized())
@@ -133,7 +136,6 @@ public abstract class KeyPairGeneratorAdapter
    */
   private static String localiseName(String kpgName)
   {
-    /**
     if ("DiffieHellman".equals(kpgName))
       return Registry.DH_KPG;
     if ("DH".equals(kpgName))
@@ -142,7 +144,6 @@ public abstract class KeyPairGeneratorAdapter
       return Registry.DSA_KPG;
     if ("RSA".equals(kpgName))
       return Registry.RSA_KPG;
-    */
     return kpgName;
   }
 
diff --git a/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java b/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java
index fa3cbd5a8..aab10ff98 100644
--- a/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java
+++ b/gnu/java/security/jce/sig/RSAKeyPairGeneratorSpi.java
@@ -1,5 +1,5 @@
 /* RSAKeyPairGeneratorSpi.java -- JCE RSA KeyPairGenerator Adapter
-   Copyright (C) 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -63,6 +63,7 @@ public class RSAKeyPairGeneratorSpi
     super(Registry.RSA_KPG);
   }
 
+  @Override
   public void initialize(int keysize, SecureRandom random)
   {
     HashMap<String,Object> attributes = new HashMap<String,Object>();
@@ -75,6 +76,7 @@ public class RSAKeyPairGeneratorSpi
     adaptee.setup(attributes);
   }
 
+  @Override
   public void initialize(AlgorithmParameterSpec params, SecureRandom random)
       throws InvalidAlgorithmParameterException
   {
diff --git a/gnu/java/security/jce/sig/SignatureAdapter.java b/gnu/java/security/jce/sig/SignatureAdapter.java
index 7f7c1569f..7fe391ee2 100644
--- a/gnu/java/security/jce/sig/SignatureAdapter.java
+++ b/gnu/java/security/jce/sig/SignatureAdapter.java
@@ -1,5 +1,5 @@
 /* SignatureAdapter.java --
-   Copyright 2001, 2002, 2006, 2010, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2006, 2010, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -39,7 +39,6 @@ exception statement from your version.  */
 package gnu.java.security.jce.sig;
 
 import gnu.java.security.Configuration;
-import gnu.java.security.sig.BaseSignature;
 import gnu.java.security.sig.ISignature;
 import gnu.java.security.sig.ISignatureCodec;
 import gnu.java.security.sig.SignatureFactory;
@@ -109,6 +108,7 @@ class SignatureAdapter
     this.codec = codec;
   }
 
+  @Override
   public Object clone()
   {
     return new SignatureAdapter((ISignature) adaptee.clone(), codec);
@@ -118,7 +118,7 @@ class SignatureAdapter
   public void engineInitVerify(PublicKey publicKey) throws InvalidKeyException
   {
     HashMap<String,Object> attributes = new HashMap<String,Object>();
-    attributes.put(BaseSignature.VERIFIER_KEY, publicKey);
+    attributes.put(ISignature.VERIFIER_KEY, publicKey);
     try
       {
         adaptee.setupVerify(attributes);
@@ -133,7 +133,7 @@ class SignatureAdapter
   public void engineInitSign(PrivateKey privateKey) throws InvalidKeyException
   {
     HashMap<String,Object> attributes = new HashMap<String,Object>();
-    attributes.put(BaseSignature.SIGNER_KEY, privateKey);
+    attributes.put(ISignature.SIGNER_KEY, privateKey);
     try
       {
         adaptee.setupSign(attributes);
@@ -149,8 +149,8 @@ class SignatureAdapter
       throws InvalidKeyException
   {
     HashMap<String,Object> attributes = new HashMap<String,Object>();
-    attributes.put(BaseSignature.SIGNER_KEY, privateKey);
-    attributes.put(BaseSignature.SOURCE_OF_RANDOMNESS, random);
+    attributes.put(ISignature.SIGNER_KEY, privateKey);
+    attributes.put(ISignature.SOURCE_OF_RANDOMNESS, random);
     try
       {
         adaptee.setupSign(attributes);
diff --git a/gnu/java/security/key/KeyPairCodecFactory.java b/gnu/java/security/key/KeyPairCodecFactory.java
index b4d96e2e2..70d8ea44c 100644
--- a/gnu/java/security/key/KeyPairCodecFactory.java
+++ b/gnu/java/security/key/KeyPairCodecFactory.java
@@ -1,5 +1,5 @@
 /* KeyPairCodecFactory.java --
-   Copyright 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -154,13 +154,14 @@ public class KeyPairCodecFactory
         return getX509Codec(name);
       case Registry.PKCS8_ENCODING_ID:
         return getPKCS8Codec(name);
+      default:
+	return null;
       }
 
-    return null;
   }
 
   /**
-   * Returns an instance of a keypair codec given a key.
+   * Returns an instance of a keypair codec, given a key.
    *
    * @param key the key to encode.
    * @return an instance of the keypair codec, or <code>null</code> if none
@@ -184,9 +185,10 @@ public class KeyPairCodecFactory
         return getX509Codec(key);
       case Registry.PKCS8_ENCODING_ID:
         return getPKCS8Codec(key);
+      default:
+	return null;
       }
 
-    return null;
   }
 
   /**
diff --git a/gnu/java/security/key/dss/DSSKey.java b/gnu/java/security/key/dss/DSSKey.java
index ed356ef38..e46ec0a72 100644
--- a/gnu/java/security/key/dss/DSSKey.java
+++ b/gnu/java/security/key/dss/DSSKey.java
@@ -1,5 +1,5 @@
 /* DSSKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -50,6 +50,7 @@ import java.security.Key;
 import java.security.interfaces.DSAKey;
 import java.security.interfaces.DSAParams;
 import java.security.spec.DSAParameterSpec;
+import java.util.Objects;
 
 /**
  * A base asbtract class for both public and private DSS (Digital Signature
@@ -128,22 +129,26 @@ public abstract class DSSKey
     this.g = g;
   }
 
+  @Override
   public DSAParams getParams()
   {
     return new DSAParameterSpec(p, q, g);
   }
 
+  @Override
   public String getAlgorithm()
   {
     return "DSA";
   }
 
   /** @deprecated see getEncoded(int). */
+  @Override @Deprecated
   public byte[] getEncoded()
   {
     return getEncoded(defaultFormat);
   }
 
+  @Override
   public String getFormat()
   {
     return FormatUtil.getEncodingShortName(defaultFormat);
@@ -163,6 +168,7 @@ public abstract class DSSKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(Object obj)
   {
     if (hasInheritedParameters())
@@ -180,11 +186,24 @@ public abstract class DSSKey
            && g.equals(that.getParams().getG());
   }
 
+  /**
+   * Returns the hash code of the key, computed from its
+   * parameter values.
+   *
+   * @return the hash code.
+   */
+  @Override
+  public int hashCode()
+  {
+    return Objects.hash(p, q, g);
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged(new GetPropertyAction("line.separator"));
+        String ls = AccessController.doPrivileged(new GetPropertyAction("line.separator"));
         CPStringBuilder sb = new CPStringBuilder(ls)
             .append("defaultFormat=").append(defaultFormat).append(",")
             .append(ls);
diff --git a/gnu/java/security/key/dss/DSSKeyPairGenerator.java b/gnu/java/security/key/dss/DSSKeyPairGenerator.java
index fe1eeb683..439377d6b 100644
--- a/gnu/java/security/key/dss/DSSKeyPairGenerator.java
+++ b/gnu/java/security/key/dss/DSSKeyPairGenerator.java
@@ -288,12 +288,9 @@ public class DSSKeyPairGenerator
 		  throw new IllegalArgumentException(
                     "Does not provide default parameters for " + L
                     + "-bit modulus length");
-		else
-		  {
-		    p = null;
-		    q = null;
-		    g = null;
-		  }
+		p = null;
+		q = null;
+		g = null;
 	      }
 	  }
 	else
@@ -326,7 +323,6 @@ public class DSSKeyPairGenerator
   {
     if (p == null)
       {
-	System.err.println("Attempting to generate parameters for modulus of length " + L);
         BigInteger[] params = new FIPS186(L, rnd).generateParameters();
         seed = params[FIPS186.DSA_PARAMS_SEED];
         counter = params[FIPS186.DSA_PARAMS_COUNTER];
diff --git a/gnu/java/security/key/dss/DSSKeyPairRawCodec.java b/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
index 5b93c6b1e..f0dc0d7a3 100644
--- a/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
+++ b/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
@@ -1,5 +1,6 @@
 /* DSSKeyPairRawCodec.java --
-   Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -55,6 +56,7 @@ public class DSSKeyPairRawCodec
 {
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -99,6 +101,7 @@ public class DSSKeyPairRawCodec
    *           (Digital Signature Standard) one.
    * @see Registry#MAGIC_RAW_DSS_PUBLIC_KEY
    */
+  @Override
   public byte[] encodePublicKey(PublicKey key)
   {
     if (! (key instanceof DSSPublicKey))
@@ -148,6 +151,7 @@ public class DSSKeyPairRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public PublicKey decodePublicKey(byte[] k)
   {
     // magic
@@ -241,6 +245,7 @@ public class DSSKeyPairRawCodec
    * @throws IllegalArgumentException if the designated key is not a DSS
    *           (Digital Signature Standard) one.
    */
+  @Override
   public byte[] encodePrivateKey(PrivateKey key)
   {
     if (! (key instanceof DSSPrivateKey))
@@ -290,6 +295,7 @@ public class DSSKeyPairRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public PrivateKey decodePrivateKey(byte[] k)
   {
     // magic
diff --git a/gnu/java/security/key/dss/DSSKeyPairX509Codec.java b/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
index 678924851..11bd22ef1 100644
--- a/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
+++ b/gnu/java/security/key/dss/DSSKeyPairX509Codec.java
@@ -1,5 +1,5 @@
 /* DSSKeyPairX509Codec.java -- X.509 Encoding/Decoding handler
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -67,6 +67,7 @@ public class DSSKeyPairX509Codec
 
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return X509_FORMAT;
@@ -116,6 +117,7 @@ public class DSSKeyPairX509Codec
    *        of {@link DSSPublicKey} or if an exception occurs during the
    *        marshalling process.
    */
+  @Override
   public byte[] encodePublicKey(PublicKey key)
   {
     if (! (key instanceof DSSPublicKey))
@@ -179,6 +181,7 @@ public class DSSKeyPairX509Codec
   /**
    * @throws InvalidParameterException ALWAYS.
    */
+  @Override
   public byte[] encodePrivateKey(PrivateKey key)
   {
     throw new InvalidParameterException("Wrong format for private keys");
@@ -192,6 +195,7 @@ public class DSSKeyPairX509Codec
    * @throw InvalidParameterException if an exception occurs during the
    *        unmarshalling process.
    */
+  @Override
   public PublicKey decodePublicKey(byte[] input)
   {
     if (input == null)
@@ -269,6 +273,7 @@ public class DSSKeyPairX509Codec
   /**
    * @throws InvalidParameterException ALWAYS.
    */
+  @Override
   public PrivateKey decodePrivateKey(byte[] input)
   {
     throw new InvalidParameterException("Wrong format for private keys");
diff --git a/gnu/java/security/key/dss/DSSPrivateKey.java b/gnu/java/security/key/dss/DSSPrivateKey.java
index 4b3ccc72d..134c977ec 100644
--- a/gnu/java/security/key/dss/DSSPrivateKey.java
+++ b/gnu/java/security/key/dss/DSSPrivateKey.java
@@ -1,5 +1,6 @@
 /* DSSPrivateKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -47,7 +48,6 @@ import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
 import java.security.AccessController;
-import java.security.PrivateKey;
 import java.security.interfaces.DSAPrivateKey;
 
 /**
@@ -57,7 +57,7 @@ import java.security.interfaces.DSAPrivateKey;
  */
 public class DSSPrivateKey
     extends DSSKey
-    implements PrivateKey, DSAPrivateKey
+    implements DSAPrivateKey
 {
   private static final long serialVersionUID = -4273348785094844114L;
 
@@ -135,6 +135,7 @@ public class DSSPrivateKey
     return (DSSPrivateKey) new DSSKeyPairPKCS8Codec().decodePrivateKey(k);
   }
 
+  @Override
   public BigInteger getX()
   {
     return x;
@@ -150,6 +151,7 @@ public class DSSPrivateKey
    * @exception IllegalArgumentException if the format is not supported.
    * @see DSSKeyPairRawCodec
    */
+  @Override
   public byte[] getEncoded(int format)
   {
     byte[] result;
@@ -177,6 +179,7 @@ public class DSSPrivateKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(Object obj)
   {
     if (obj == null)
@@ -189,11 +192,26 @@ public class DSSPrivateKey
     return super.equals(that) && x.equals(that.getX());
   }
 
+  /**
+   * Provides a hash code for this object using the DSA
+   * parameter values, mirroring the {@link #equals(Object)}
+   * implementation.
+   *
+   * @return the hash code of this object.
+   * @see #equals(Object)
+   */
+  @Override
+  public int hashCode()
+  {
+    return 31 * super.hashCode() + x.hashCode();
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
diff --git a/gnu/java/security/key/dss/DSSPublicKey.java b/gnu/java/security/key/dss/DSSPublicKey.java
index 0f4c08e78..91031c9e7 100644
--- a/gnu/java/security/key/dss/DSSPublicKey.java
+++ b/gnu/java/security/key/dss/DSSPublicKey.java
@@ -1,5 +1,6 @@
 /* DSSPublicKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -46,7 +47,6 @@ import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
 import java.security.AccessController;
-import java.security.PublicKey;
 import java.security.interfaces.DSAPublicKey;
 
 /**
@@ -56,7 +56,7 @@ import java.security.interfaces.DSAPublicKey;
  */
 public class DSSPublicKey
     extends DSSKey
-    implements PublicKey, DSAPublicKey
+    implements DSAPublicKey
 {
   private  static final long serialVersionUID = 4662188565230532792L;
 
@@ -134,6 +134,7 @@ public class DSSPublicKey
     return (DSSPublicKey) new DSSKeyPairX509Codec().decodePublicKey(k);
   }
 
+  @Override
   public BigInteger getY()
   {
     return y;
@@ -149,6 +150,7 @@ public class DSSPublicKey
    * @exception IllegalArgumentException if the format is not supported.
    * @see DSSKeyPairRawCodec
    */
+  @Override
   public byte[] getEncoded(int format)
   {
     byte[] result;
@@ -176,6 +178,7 @@ public class DSSPublicKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(Object obj)
   {
     if (obj == null)
@@ -188,11 +191,26 @@ public class DSSPublicKey
     return super.equals(that) && y.equals(that.getY());
   }
 
+  /**
+   * Provides a hash code for this object using the DSA
+   * parameter values, mirroring the {@link #equals(Object)}
+   * implementation.
+   *
+   * @return the hash code of this object.
+   * @see #equals(Object)
+   */
+  @Override
+  public int hashCode()
+  {
+    return 31 * super.hashCode() + y.hashCode();
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
diff --git a/gnu/java/security/key/rsa/GnuRSAKey.java b/gnu/java/security/key/rsa/GnuRSAKey.java
index 543ebdc56..8954f7574 100644
--- a/gnu/java/security/key/rsa/GnuRSAKey.java
+++ b/gnu/java/security/key/rsa/GnuRSAKey.java
@@ -48,6 +48,7 @@ import java.math.BigInteger;
 import java.security.AccessController;
 import java.security.Key;
 import java.security.interfaces.RSAKey;
+import java.util.Objects;
 
 /**
  * A base asbtract class for both public and private RSA keys.
@@ -90,22 +91,26 @@ public abstract class GnuRSAKey
     this.e = e;
   }
 
+  @Override
   public BigInteger getModulus()
   {
     return getN();
   }
 
+  @Override
   public String getAlgorithm()
   {
     return "RSA";
   }
 
   /** @deprecated see getEncoded(int). */
+  @Override @Deprecated
   public byte[] getEncoded()
   {
     return getEncoded(defaultFormat);
   }
 
+  @Override
   public String getFormat()
   {
     return FormatUtil.getEncodingShortName(defaultFormat);
@@ -149,6 +154,7 @@ public abstract class GnuRSAKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(final Object obj)
   {
     if (obj == null)
@@ -161,11 +167,24 @@ public abstract class GnuRSAKey
     return n.equals(that.getModulus());
   }
 
+  /**
+   * Provides a hash code for this object using the RSA
+   * modulus.
+   *
+   * @return the hash code of this object.
+   */
+  @Override
+  public int hashCode()
+  {
+    return Objects.hash(n);
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(ls)
             .append("defaultFormat=").append(defaultFormat).append(",").append(ls)
diff --git a/gnu/java/security/key/rsa/GnuRSAPrivateKey.java b/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
index 379650a81..5bc4dd878 100644
--- a/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
+++ b/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
@@ -1,5 +1,6 @@
 /* GnuRSAPrivateKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -47,9 +48,9 @@ import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
 import java.security.AccessController;
-import java.security.PrivateKey;
 import java.security.interfaces.RSAPrivateCrtKey;
 import java.security.interfaces.RSAPrivateKey;
+import java.util.Objects;
 
 /**
  * An object that embodies an RSA private key.
@@ -65,7 +66,7 @@ import java.security.interfaces.RSAPrivateKey;
  */
 public class GnuRSAPrivateKey
     extends GnuRSAKey
-    implements PrivateKey, RSAPrivateCrtKey
+    implements RSAPrivateCrtKey
 {
   private static final long serialVersionUID = -2208207842306185913L;
 
@@ -198,31 +199,37 @@ public class GnuRSAPrivateKey
     return (GnuRSAPrivateKey) new RSAKeyPairPKCS8Codec().decodePrivateKey(k);
   }
 
+  @Override
   public BigInteger getPrimeP()
   {
     return p;
   }
 
+  @Override
   public BigInteger getPrimeQ()
   {
     return q;
   }
 
+  @Override
   public BigInteger getPrimeExponentP()
   {
     return dP;
   }
 
+  @Override
   public BigInteger getPrimeExponentQ()
   {
     return dQ;
   }
 
+  @Override
   public BigInteger getCrtCoefficient()
   {
     return qInv;
   }
 
+  @Override
   public BigInteger getPrivateExponent()
   {
     return d;
@@ -239,6 +246,7 @@ public class GnuRSAPrivateKey
    * @see RSAKeyPairRawCodec
    * @see RSAKeyPairPKCS8Codec
    */
+  @Override
   public byte[] getEncoded(int format)
   {
     final byte[] result;
@@ -265,6 +273,7 @@ public class GnuRSAPrivateKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(final Object obj)
   {
     if (obj == null)
@@ -287,11 +296,24 @@ public class GnuRSAPrivateKey
     return false;
   }
 
+  /**
+   * Provides a hash code for this object using the RSA
+   * parameter values.
+   *
+   * @return the hash code of this object.
+   */
+  @Override
+  public int hashCode()
+  {
+    return Objects.hash(p, q, dP, dQ, qInv);
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
diff --git a/gnu/java/security/key/rsa/GnuRSAPublicKey.java b/gnu/java/security/key/rsa/GnuRSAPublicKey.java
index b8e1ea5b1..917012ce3 100644
--- a/gnu/java/security/key/rsa/GnuRSAPublicKey.java
+++ b/gnu/java/security/key/rsa/GnuRSAPublicKey.java
@@ -1,5 +1,6 @@
 /* GnuRSAPublicKey.java --
-   Copyright 2001, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -46,7 +47,6 @@ import gnu.java.security.key.IKeyPairCodec;
 
 import java.math.BigInteger;
 import java.security.AccessController;
-import java.security.PublicKey;
 import java.security.interfaces.RSAPublicKey;
 
 /**
@@ -63,7 +63,7 @@ import java.security.interfaces.RSAPublicKey;
  */
 public class GnuRSAPublicKey
     extends GnuRSAKey
-    implements PublicKey, RSAPublicKey
+    implements RSAPublicKey
 {
   private static final long serialVersionUID = -1206860366945100193L;
 
@@ -137,6 +137,7 @@ public class GnuRSAPublicKey
    * @throws IllegalArgumentException if the format is not supported.
    * @see RSAKeyPairRawCodec
    */
+  @Override
   public byte[] getEncoded(final int format)
   {
     final byte[] result;
@@ -163,6 +164,7 @@ public class GnuRSAPublicKey
    * @return <code>true</code> if the designated object is of the same type
    *         and value as this one.
    */
+  @Override
   public boolean equals(final Object obj)
   {
     if (obj == null)
@@ -176,11 +178,27 @@ public class GnuRSAPublicKey
            && getPublicExponent().equals(that.getPublicExponent());
   }
 
+  /**
+   * Provides a hash code for this object using the RSA
+   * modulus and public exponent, matching the comparisons
+   * used for the {@link #equals(Object)} implementation.
+   *
+   * @return the hash code of this object.
+   * @see #equals(Object)
+   */
+
+  @Override
+  public int hashCode()
+  {
+    return 31 * super.hashCode() + getPublicExponent().hashCode();
+  }
+
+  @Override
   public String toString()
   {
     if (str == null)
       {
-        String ls = (String) AccessController.doPrivileged
+        String ls = AccessController.doPrivileged
             (new GetPropertyAction("line.separator"));
         str = new CPStringBuilder(this.getClass().getName()).append("(")
             .append(super.toString()).append(",").append(ls)
diff --git a/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java b/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
index ec9874d80..0eece5645 100644
--- a/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
+++ b/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
@@ -1,5 +1,5 @@
 /* RSAKeyPairPKCS8Codec.java -- PKCS#8 Encoding/Decoding handler
-   Copyright (C) 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -71,6 +71,7 @@ public class RSAKeyPairPKCS8Codec
 
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return PKCS8_FORMAT;
@@ -79,6 +80,7 @@ public class RSAKeyPairPKCS8Codec
   /**
    * @throws InvalidParameterException ALWAYS.
    */
+  @Override
   public byte[] encodePublicKey(PublicKey key)
   {
     throw new InvalidParameterException("Wrong format for public keys");
@@ -124,6 +126,7 @@ public class RSAKeyPairPKCS8Codec
    * @throw InvalidParameterException if an error occurs during the marshalling
    *        process.
    */
+  @Override
   public byte[] encodePrivateKey(PrivateKey key)
   {
     if (Configuration.DEBUG)
@@ -203,6 +206,7 @@ public class RSAKeyPairPKCS8Codec
   /**
    * @throws InvalidParameterException ALWAYS.
    */
+  @Override
   public PublicKey decodePublicKey(byte[] input)
   {
     throw new InvalidParameterException("Wrong format for public keys");
@@ -216,6 +220,7 @@ public class RSAKeyPairPKCS8Codec
    * @throw InvalidParameterException if an exception occurs during the
    *        unmarshalling process.
    */
+  @Override
   public PrivateKey decodePrivateKey(byte[] input)
   {
     if (Configuration.DEBUG)
diff --git a/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java b/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
index f088e794e..b3fb95334 100644
--- a/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
+++ b/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
@@ -1,5 +1,6 @@
 /* RSAKeyPairRawCodec.java --
-   Copyright 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright 2001, 2002, 2003, 2006, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -55,6 +56,7 @@ public class RSAKeyPairRawCodec
 {
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -87,6 +89,7 @@ public class RSAKeyPairRawCodec
    * @exception IllegalArgumentException if the designated key is not an RSA
    *                                     one.
    */
+  @Override
   public byte[] encodePublicKey(PublicKey key)
   {
     if (! (key instanceof GnuRSAPublicKey))
@@ -120,6 +123,7 @@ public class RSAKeyPairRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public PublicKey decodePublicKey(byte[] k)
   {
     // magic
@@ -194,6 +198,7 @@ public class RSAKeyPairRawCodec
    * @param key the key to encode.
    * @return the <i>Raw</i> format encoding of the designated key.
    */
+  @Override
   public byte[] encodePrivateKey(PrivateKey key)
   {
     if (! (key instanceof GnuRSAPrivateKey))
@@ -243,6 +248,7 @@ public class RSAKeyPairRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public PrivateKey decodePrivateKey(byte[] k)
   {
     // magic
diff --git a/gnu/java/security/pkcs/PKCS7SignedData.java b/gnu/java/security/pkcs/PKCS7SignedData.java
index eccd69141..ea62ec9dc 100644
--- a/gnu/java/security/pkcs/PKCS7SignedData.java
+++ b/gnu/java/security/pkcs/PKCS7SignedData.java
@@ -1,5 +1,6 @@
 /* PKCS7SignedData.java -- reader/writer for PKCS#7 signedData objects
-   Copyright (C) 2004, 2005, 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006, 2010, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -161,7 +162,7 @@ public class PKCS7SignedData
       throw new BEREncodingException("malformed ContentInfo");
 
     val = ber.read();
-    if (val.getTag() != BER.OBJECT_IDENTIFIER)
+    if (val.getTag() != DER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed ContentType");
 
     if (!PKCS7_SIGNED_DATA.equals(val.getValue()))
@@ -179,7 +180,7 @@ public class PKCS7SignedData
       log.fine("SignedData: " + val);
 
     val = ber.read();
-    if (val.getTag() != BER.INTEGER)
+    if (val.getTag() != DER.INTEGER)
       throw new BEREncodingException("expecting Version");
     version = (BigInteger) val.getValue();
     if (Configuration.DEBUG)
@@ -238,7 +239,7 @@ public class PKCS7SignedData
     if (Configuration.DEBUG)
       log.fine("  ContentInfo: " + val);
     val2 = ber.read();
-    if (val2.getTag() != BER.OBJECT_IDENTIFIER)
+    if (val2.getTag() != DER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed ContentType");
 
     contentType = (OID) val2.getValue();
@@ -295,20 +296,20 @@ public class PKCS7SignedData
           log.fine("  CertificateRevocationLists: " + val);
         count = 0;
         val2 = ber.read();
-        List<CRL> crls = new LinkedList<CRL>();
+        List<CRL> generatedCRLs = new LinkedList<CRL>();
         while (val2 != BER.END_OF_SEQUENCE &&
                (val.getLength() > 0 && val.getLength() > count))
           {
             CRL crl = x509.generateCRL(new ByteArrayInputStream(val2.getEncoded()));
             if (Configuration.DEBUG)
               log.fine("    CRL: " + crl);
-            crls.add(crl);
+            generatedCRLs.add(crl);
             count += val2.getEncodedLength();
             ber.skip(val2.getLength());
             if (BERValue.isIndefinite(val) || val.getLength() > count)
               val2 = ber.read();
           }
-        this.crls = crls.toArray(new CRL[crls.size()]);
+        crls = generatedCRLs.toArray(new CRL[generatedCRLs.size()]);
         val = ber.read();
       }
 
diff --git a/gnu/java/security/pkcs/SignerInfo.java b/gnu/java/security/pkcs/SignerInfo.java
index 155eaaefa..6547d437b 100644
--- a/gnu/java/security/pkcs/SignerInfo.java
+++ b/gnu/java/security/pkcs/SignerInfo.java
@@ -1,5 +1,6 @@
 /* SignerInfo.java -- a SignerInfo object, from PKCS #7
-   Copyright (C) 2004, 2005, 2010. 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2010. 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -108,7 +109,7 @@ public class SignerInfo
       throw new BEREncodingException("malformed SignerInfo");
 
     val = ber.read();
-    if (val.getTag() != BER.INTEGER)
+    if (val.getTag() != DER.INTEGER)
       throw new BEREncodingException("malformed Version");
 
     version = (BigInteger) val.getValue();
@@ -131,7 +132,7 @@ public class SignerInfo
       log.fine("    Issuer: " + issuer);
 
     val = ber.read();
-    if (val.getTag() != BER.INTEGER)
+    if (val.getTag() != DER.INTEGER)
       throw new BEREncodingException("malformed SerialNumber");
 
     serialNumber = (BigInteger) val.getValue();
@@ -145,7 +146,7 @@ public class SignerInfo
       log.fine("  DigestAlgorithmIdentifier: " + val);
 
     DERValue val2 = ber.read();
-    if (val2.getTag() != BER.OBJECT_IDENTIFIER)
+    if (val2.getTag() != DER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed AlgorithmIdentifier");
 
     digestAlgorithmId = (OID) val2.getValue();
@@ -205,7 +206,7 @@ public class SignerInfo
     if (Configuration.DEBUG)
       log.fine("  DigestEncryptionAlgorithmIdentifier: " + val);
     val2 = ber.read();
-    if (val2.getTag() != BER.OBJECT_IDENTIFIER)
+    if (val2.getTag() != DER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed AlgorithmIdentifier");
 
     digestEncryptionAlgorithmId = (OID) val2.getValue();
@@ -242,7 +243,7 @@ public class SignerInfo
                                  "    digestEncryptionAlgorithm params: "));
       }
     val = ber.read();
-    if (val.getTag() != BER.OCTET_STRING)
+    if (val.getTag() != DER.OCTET_STRING)
       throw new BEREncodingException("malformed EncryptedDigest");
 
     encryptedDigest = (byte[]) val.getValue();
diff --git a/gnu/java/security/prng/BasePRNG.java b/gnu/java/security/prng/BasePRNG.java
index 35b6c441a..d9453b558 100644
--- a/gnu/java/security/prng/BasePRNG.java
+++ b/gnu/java/security/prng/BasePRNG.java
@@ -1,5 +1,6 @@
 /* BasePRNG.java --
-   Copyright (C) 2001, 2002, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -143,13 +144,13 @@ public abstract class BasePRNG
   }
 
   @Override  
-  public void addRandomBytes(byte[] buffer)
+  public void addRandomBytes(byte[] buf)
   {
-    addRandomBytes(buffer, 0, buffer.length);
+    addRandomBytes(buf, 0, buf.length);
   }
 
   @Override
-  public void addRandomBytes(byte[] buffer, int offset, int length)
+  public void addRandomBytes(byte[] buf, int offset, int length)
   {
     throw new UnsupportedOperationException("random state is non-modifiable");
   }
@@ -174,8 +175,8 @@ public abstract class BasePRNG
   public Object clone() throws CloneNotSupportedException
   {
     BasePRNG result = (BasePRNG) super.clone();
-    if (this.buffer != null)
-      result.buffer = (byte[]) this.buffer.clone();
+    if (buffer != null)
+      result.buffer = buffer.clone();
 
     return result;
   }
diff --git a/gnu/java/security/prng/MDGenerator.java b/gnu/java/security/prng/MDGenerator.java
index 66c1bd85a..781d139c8 100644
--- a/gnu/java/security/prng/MDGenerator.java
+++ b/gnu/java/security/prng/MDGenerator.java
@@ -1,5 +1,6 @@
 /* MDGenerator.java --
-   Copyright (C) 2001, 2002, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -54,7 +55,6 @@ import java.util.Map;
  */
 public class MDGenerator
     extends BasePRNG
-    implements Cloneable
 {
   /** Property name of underlying hash algorithm for this generator. */
   public static final String MD_NAME = "gnu.crypto.prng.md.hash.name";
diff --git a/gnu/java/security/prng/RandomEvent.java b/gnu/java/security/prng/RandomEvent.java
index eea21b576..674b52959 100644
--- a/gnu/java/security/prng/RandomEvent.java
+++ b/gnu/java/security/prng/RandomEvent.java
@@ -1,5 +1,5 @@
 /* RandomEvent.java -- an event with random data.
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -63,7 +63,7 @@ public class RandomEvent
     if (data.length == 0 || data.length > 32)
       throw new IllegalArgumentException(
           "random events take between 1 and 32 bytes of data");
-    this.data = (byte[]) data.clone();
+    this.data = data.clone();
   }
 
   public byte getSourceNumber()
diff --git a/gnu/java/security/provider/DefaultPolicy.java b/gnu/java/security/provider/DefaultPolicy.java
index 566c949da..d54b6a5dc 100644
--- a/gnu/java/security/provider/DefaultPolicy.java
+++ b/gnu/java/security/provider/DefaultPolicy.java
@@ -1,5 +1,5 @@
 /* DefaultPolicy.java --
-   Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -54,6 +54,7 @@ public class DefaultPolicy extends Policy
 {
   static Permission allPermission = new AllPermission();
 
+  @Override
   public PermissionCollection getPermissions(CodeSource codesource)
   {
     Permissions perms = new Permissions();
@@ -61,6 +62,7 @@ public class DefaultPolicy extends Policy
     return perms;
   }
 
+  @Override
   public void refresh()
   {
     // Nothing.
diff --git a/gnu/java/security/provider/Gnu.java b/gnu/java/security/provider/Gnu.java
index 1410d9cbf..b1d5c80b2 100644
--- a/gnu/java/security/provider/Gnu.java
+++ b/gnu/java/security/provider/Gnu.java
@@ -57,6 +57,7 @@ public final class Gnu
           + "key pair generator");
     AccessController.doPrivileged (new PrivilegedAction<Void>()
     {
+      @Override
       public Void run()
       {
         // Note that all implementation class names are referenced by using
diff --git a/gnu/java/security/provider/PKIXCertPathValidatorImpl.java b/gnu/java/security/provider/PKIXCertPathValidatorImpl.java
index 7d6169175..e7504b013 100644
--- a/gnu/java/security/provider/PKIXCertPathValidatorImpl.java
+++ b/gnu/java/security/provider/PKIXCertPathValidatorImpl.java
@@ -1,5 +1,6 @@
 /* PKIXCertPathValidatorImpl.java -- PKIX certificate path validator.
-   Copyright (C) 2004, 2005, 2006, 2010, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006, 2010, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -110,6 +111,7 @@ public class PKIXCertPathValidatorImpl
     super();
   }
 
+  @Override
   public CertPathValidatorResult engineValidate(CertPath path,
                                                 CertPathParameters params)
       throws CertPathValidatorException, InvalidAlgorithmParameterException
@@ -144,7 +146,7 @@ public class PKIXCertPathValidatorImpl
     X509Certificate[] p = null;
     try
       {
-        p = (X509Certificate[]) l.toArray(new X509Certificate[l.size()]);
+        p = l.toArray(new X509Certificate[l.size()]);
       }
     catch (ClassCastException cce)
       {
@@ -287,8 +289,7 @@ public class PKIXCertPathValidatorImpl
                   continue;
                 if (xcrl.isRevoked(p[i - 1]))
                   throw new CertPathValidatorException("certificate is revoked");
-                else
-                  certOk = true;
+		certOk = true;
               }
             if (! certOk)
               throw new CertPathValidatorException(
@@ -672,7 +673,7 @@ public class PKIXCertPathValidatorImpl
       throw new CertPathValidatorException("policy tree building failed");
   }
 
-  private boolean checkExplicitPolicy(int depth, List<int[]> explicitPolicies)
+  private static boolean checkExplicitPolicy(int depth, List<int[]> explicitPolicies)
   {
     if (Configuration.DEBUG)
       log.fine("checkExplicitPolicy depth=" + depth);
diff --git a/gnu/java/security/provider/X509CertificateFactory.java b/gnu/java/security/provider/X509CertificateFactory.java
index 4fc13d238..a76913da6 100644
--- a/gnu/java/security/provider/X509CertificateFactory.java
+++ b/gnu/java/security/provider/X509CertificateFactory.java
@@ -1,5 +1,5 @@
 /* X509CertificateFactory.java -- generates X.509 certificates.
-   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -183,7 +183,7 @@ public class X509CertificateFactory
     return X509CertPath.ENCODINGS.iterator();
   }
 
-  private X509Certificate generateCert(InputStream inStream)
+  private static X509Certificate generateCert(InputStream inStream)
       throws IOException, CertificateException
   {
     if (inStream == null)
@@ -235,15 +235,12 @@ public class X509CertificateFactory
           throw new CertificateException("no end-of-certificate marker");
         return ret;
       }
-    else
-      {
-        inStream.reset();
-        return new X509Certificate(inStream);
-      }
+    inStream.reset();
+    return new X509Certificate(inStream);
   }
 
-  private X509CRL generateCRL(InputStream inStream) throws IOException,
-      CRLException
+  private static X509CRL generateCRL(InputStream inStream)
+    throws IOException, CRLException
   {
     if (inStream == null)
       throw new CRLException("missing input stream");
@@ -294,10 +291,7 @@ public class X509CertificateFactory
           throw new CRLException("no end-of-CRL marker");
         return ret;
       }
-    else
-      {
-        inStream.reset();
-        return new X509CRL(inStream);
-      }
+    inStream.reset();
+    return new X509CRL(inStream);
   }
 }
diff --git a/gnu/java/security/sig/SignatureCodecFactory.java b/gnu/java/security/sig/SignatureCodecFactory.java
index 7bf04ff40..59ef812ed 100644
--- a/gnu/java/security/sig/SignatureCodecFactory.java
+++ b/gnu/java/security/sig/SignatureCodecFactory.java
@@ -1,5 +1,5 @@
 /* SignatureCodecFactory.java -- Factory to instantiate Signature codecs
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -145,9 +145,9 @@ public class SignatureCodecFactory
         return getRawCodec(name);
       case Registry.X509_ENCODING_ID:
         return getX509Codec(name);
+      default:
+	return null;
       }
-
-    return null;
   }
 
   /**
diff --git a/gnu/java/security/sig/dss/DSSSignature.java b/gnu/java/security/sig/dss/DSSSignature.java
index 5e098e337..9b65df54e 100644
--- a/gnu/java/security/sig/dss/DSSSignature.java
+++ b/gnu/java/security/sig/dss/DSSSignature.java
@@ -220,7 +220,7 @@ public class DSSSignature
    * @return an object encapsulating the DSS signature pair <code>r</code> and
    *         <code>s</code>.
    */
-  private Object encodeSignature(BigInteger r, BigInteger s)
+  private static Object encodeSignature(BigInteger r, BigInteger s)
   {
     return new BigInteger[] { r, s };
   }
@@ -231,7 +231,7 @@ public class DSSSignature
    *
    * @return the DSS signature pair <code>r</code> and <code>s</code>.
    */
-  private BigInteger[] decodeSignature(Object signature)
+  private static BigInteger[] decodeSignature(Object signature)
   {
     return (BigInteger[]) signature;
   }
diff --git a/gnu/java/security/sig/dss/DSSSignatureRawCodec.java b/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
index 169f84bd1..1c21d5ef6 100644
--- a/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
+++ b/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
@@ -1,5 +1,6 @@
 /* DSSSignatureRawCodec.java --
-   Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -51,6 +52,7 @@ import java.math.BigInteger;
 public class DSSSignatureRawCodec
     implements ISignatureCodec
 {
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -86,6 +88,7 @@ public class DSSSignatureRawCodec
    * @exception IllegalArgumentException if the designated signature is not a
    *              DSS (Digital Signature Standard) one.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     BigInteger r, s;
@@ -126,6 +129,7 @@ public class DSSSignatureRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public Object decodeSignature(byte[] k)
   {
     // magic
diff --git a/gnu/java/security/sig/dss/DSSSignatureX509Codec.java b/gnu/java/security/sig/dss/DSSSignatureX509Codec.java
index f7aeda4f0..6d97ccac5 100644
--- a/gnu/java/security/sig/dss/DSSSignatureX509Codec.java
+++ b/gnu/java/security/sig/dss/DSSSignatureX509Codec.java
@@ -1,5 +1,5 @@
 /* DSSSignatureX509Codec.java -- X.509 encoder/decoder for DSS signatures
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -103,6 +103,7 @@ public class DSSSignatureX509Codec
 {
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return Registry.X509_ENCODING_ID;
@@ -123,6 +124,7 @@ public class DSSSignatureX509Codec
    * @throws InvalidParameterException if an exception occurs during the
    *           marshalling process.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     BigInteger[] rs = (BigInteger[]) signature;
@@ -162,6 +164,7 @@ public class DSSSignatureX509Codec
    * @throw InvalidParameterException if an exception occurs during the
    *        unmarshalling process.
    */
+  @Override
   public Object decodeSignature(byte[] input)
   {
     if (input == null)
diff --git a/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java b/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
index fad0ac552..905413595 100644
--- a/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
+++ b/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
@@ -1,5 +1,6 @@
 /* EMSA_PKCS1_V1_5.java --
-   Copyright (C) 2003, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -171,6 +172,7 @@ public class EMSA_PKCS1_V1_5
     return new EMSA_PKCS1_V1_5(hash);
   }
 
+  @Override
   public Object clone()
   {
     return getInstance(hash.name());
diff --git a/gnu/java/security/sig/rsa/EMSA_PSS.java b/gnu/java/security/sig/rsa/EMSA_PSS.java
index 7a8e591a3..38a0af1ff 100644
--- a/gnu/java/security/sig/rsa/EMSA_PSS.java
+++ b/gnu/java/security/sig/rsa/EMSA_PSS.java
@@ -1,5 +1,6 @@
 /* EMSA_PSS.java --
-   Copyright (C) 2001, 2002, 2003, 2006, 2010 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2010, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -109,6 +110,7 @@ public class EMSA_PSS
     return new EMSA_PSS(hash);
   }
 
+  @Override
   public Object clone()
   {
     return getInstance(hash.name());
diff --git a/gnu/java/security/sig/rsa/RSA.java b/gnu/java/security/sig/rsa/RSA.java
index 343b2cf65..9a99e2404 100644
--- a/gnu/java/security/sig/rsa/RSA.java
+++ b/gnu/java/security/sig/rsa/RSA.java
@@ -242,6 +242,7 @@ public class RSA
     return result;
   }
 
+  @SuppressWarnings("null") // r != null if rsaBlinding = true
   private static final BigInteger RSADP(final RSAPrivateKey K, BigInteger c)
   {
     // 1. If the representative c is not between 0 and n - 1, output
diff --git a/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java b/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
index 1420331de..9e350b50e 100644
--- a/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
+++ b/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
@@ -1,5 +1,5 @@
 /* RSAPKCS1V1_5Signature.java --
-   Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -111,11 +111,13 @@ public class RSAPKCS1V1_5Signature
     this.pkcs1 = (EMSA_PKCS1_V1_5) that.pkcs1.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new RSAPKCS1V1_5Signature(this);
   }
 
+  @Override
   protected void setupForVerification(final PublicKey k)
       throws IllegalArgumentException
   {
@@ -125,6 +127,7 @@ public class RSAPKCS1V1_5Signature
     publicKey = k;
   }
 
+  @Override
   protected void setupForSigning(final PrivateKey k)
       throws IllegalArgumentException
   {
@@ -134,6 +137,7 @@ public class RSAPKCS1V1_5Signature
     privateKey = k;
   }
 
+  @Override
   protected Object generateSignature() throws IllegalStateException
   {
     // 1. EMSA-PKCS1-v1_5 encoding: Apply the EMSA-PKCS1-v1_5 encoding
@@ -163,6 +167,7 @@ public class RSAPKCS1V1_5Signature
     return RSA.I2OSP(s, k);
   }
 
+  @Override
   protected boolean verifySignature(final Object sig)
       throws IllegalStateException
   {
diff --git a/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java b/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java
index 548dc3deb..f1e09718a 100644
--- a/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java
+++ b/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureRawCodec.java
@@ -1,5 +1,5 @@
 /* RSAPKCS1V1_5SignatureRawCodec.java -- Raw RSA PKCS1 v1.5 signature codeec
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -50,6 +50,7 @@ import gnu.java.security.sig.ISignatureCodec;
 public class RSAPKCS1V1_5SignatureRawCodec
     implements ISignatureCodec
 {
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -79,6 +80,7 @@ public class RSAPKCS1V1_5SignatureRawCodec
    * @exception IllegalArgumentException if the designated signature is not an
    *              RSA-PKCS#1 (v1.5) one.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     byte[] buffer;
@@ -124,6 +126,7 @@ public class RSAPKCS1V1_5SignatureRawCodec
    *           with the right <i>magic</i> characters, or if the <i>version</i>
    *           is not supported.
    */
+  @Override
   public Object decodeSignature(byte[] input)
   {
     // magic
diff --git a/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java b/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java
index ee8586f7d..c6fd5d340 100644
--- a/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java
+++ b/gnu/java/security/sig/rsa/RSAPKCS1V1_5SignatureX509Codec.java
@@ -1,5 +1,5 @@
 /* RSAPSSSignatureX509Codec.java -- X.509 encoder/decoder for RSA signatures
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -87,6 +87,7 @@ public class RSAPKCS1V1_5SignatureX509Codec
 {
   // default 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return Registry.X509_ENCODING_ID;
@@ -103,6 +104,7 @@ public class RSAPKCS1V1_5SignatureX509Codec
    * @return the raw bytes of an RSA signature which could be then used as the
    *         contents of a BIT STRING as per rfc-2459.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     byte[] result = (byte[]) signature;
@@ -118,6 +120,7 @@ public class RSAPKCS1V1_5SignatureX509Codec
    *         case of RSA PKCS1 (v1.5) this is the same as the input.
    * @throw InvalidParameterException if the <code>input</code> array is null.
    */
+  @Override
   public Object decodeSignature(byte[] input)
   {
     if (input == null)
diff --git a/gnu/java/security/sig/rsa/RSAPSSSignature.java b/gnu/java/security/sig/rsa/RSAPSSSignature.java
index 7b042f77f..f9aaade48 100644
--- a/gnu/java/security/sig/rsa/RSAPSSSignature.java
+++ b/gnu/java/security/sig/rsa/RSAPSSSignature.java
@@ -1,5 +1,6 @@
 /* RSAPSSSignature.java --
-   Copyright (C) 2001, 2002, 2003, 2006, 2010 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2010, 2015
+   Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -136,28 +137,32 @@ public class RSAPSSSignature
     this.pss = (EMSA_PSS) that.pss.clone();
   }
 
+  @Override
   public Object clone()
   {
     return new RSAPSSSignature(this);
   }
 
+  @Override
   protected void setupForVerification(PublicKey k)
       throws IllegalArgumentException
   {
     if (! (k instanceof RSAPublicKey))
       throw new IllegalArgumentException();
 
-    publicKey = (RSAPublicKey) k;
+    publicKey = k;
   }
 
+  @Override
   protected void setupForSigning(PrivateKey k) throws IllegalArgumentException
   {
     if (! (k instanceof RSAPrivateKey))
       throw new IllegalArgumentException();
 
-    privateKey = (RSAPrivateKey) k;
+    privateKey = k;
   }
 
+  @Override
   protected Object generateSignature() throws IllegalStateException
   {
     // 1. Apply the EMSA-PSS encoding operation to the message M to produce an
@@ -189,6 +194,7 @@ public class RSAPSSSignature
     return RSA.I2OSP(s, k);
   }
 
+  @Override
   protected boolean verifySignature(Object sig) throws IllegalStateException
   {
     if (publicKey == null)
diff --git a/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java b/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
index b147ea3ea..7b1166291 100644
--- a/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
+++ b/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
@@ -1,5 +1,5 @@
 /* RSAPSSSignatureRawCodec.java --
-   Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -52,6 +52,7 @@ public class RSAPSSSignatureRawCodec
 {
   // implicit 0-arguments constructor
 
+  @Override
   public int getFormatID()
   {
     return RAW_FORMAT;
@@ -80,6 +81,7 @@ public class RSAPSSSignatureRawCodec
    * @exception IllegalArgumentException if the designated signature is not an
    *              RSA-PSS one.
    */
+  @Override
   public byte[] encodeSignature(Object signature)
   {
     byte[] buffer;
@@ -109,6 +111,7 @@ public class RSAPSSSignatureRawCodec
     return baos.toByteArray();
   }
 
+  @Override
   public Object decodeSignature(byte[] k)
   {
     // magic
diff --git a/gnu/java/security/util/ByteArray.java b/gnu/java/security/util/ByteArray.java
index a9b9e5d00..c7f8dce11 100644
--- a/gnu/java/security/util/ByteArray.java
+++ b/gnu/java/security/util/ByteArray.java
@@ -1,5 +1,5 @@
 /* ByteArray.java -- wrapper around a byte array, with nice toString output.
-   Copyright (C) 2005  Free Software Foundation, Inc.
+   Copyright (C) 2005, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -57,6 +57,7 @@ public final class ByteArray
     return value;
   }
 
+  @Override
   public String toString ()
   {
     StringWriter str = new StringWriter ();
diff --git a/gnu/java/security/util/ByteBufferOutputStream.java b/gnu/java/security/util/ByteBufferOutputStream.java
index 642ccdf68..70dc909c7 100644
--- a/gnu/java/security/util/ByteBufferOutputStream.java
+++ b/gnu/java/security/util/ByteBufferOutputStream.java
@@ -1,6 +1,6 @@
 /* ByteBufferOutputStream.java -- output stream with a growable underlying
                                   byte buffer.
-   Copyright (C) 2006  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -98,6 +98,7 @@ public class ByteBufferOutputStream extends OutputStream
     return ((ByteBuffer) buffer.duplicate().flip()).slice();
   }
 
+  @Override
   public String toString()
   {
     return super.toString() + " [ buffer: " + buffer + " ]";
diff --git a/gnu/java/security/util/ExpirableObject.java b/gnu/java/security/util/ExpirableObject.java
index e24af249a..c2551c70b 100644
--- a/gnu/java/security/util/ExpirableObject.java
+++ b/gnu/java/security/util/ExpirableObject.java
@@ -1,5 +1,5 @@
 /* ExpirableObject.java -- an object that is automatically destroyed.
-   Copyright (C) 2004, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -107,6 +107,7 @@ public abstract class ExpirableObject
    *
    * @throws DestroyFailedException If this operation fails.
    */
+  @Override
   public final void destroy() throws DestroyFailedException
   {
     doDestroy();
@@ -135,6 +136,7 @@ public abstract class ExpirableObject
       this.target = target;
     }
 
+    @Override
     public void run()
     {
       try
diff --git a/gnu/java/security/util/FormatUtil.java b/gnu/java/security/util/FormatUtil.java
index 35da322b8..e9bb253f8 100644
--- a/gnu/java/security/util/FormatUtil.java
+++ b/gnu/java/security/util/FormatUtil.java
@@ -1,5 +1,5 @@
 /* FormatUtil.java -- Encoding and decoding format utility methods
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -60,7 +60,7 @@ public class FormatUtil
    */
   public static final String getEncodingName(int formatID)
   {
-    String result = null;
+    String result;
     switch (formatID)
       {
       case Registry.RAW_ENCODING_ID:
@@ -75,6 +75,8 @@ public class FormatUtil
       case Registry.ASN1_ENCODING_ID:
         result = Registry.ASN1_ENCODING;
         break;
+      default:
+	result = null;
       }
 
     return result;
@@ -90,7 +92,7 @@ public class FormatUtil
    */
   public static final String getEncodingShortName(int formatID)
   {
-    String result = null;
+    String result;
     switch (formatID)
       {
       case Registry.RAW_ENCODING_ID:
@@ -105,6 +107,8 @@ public class FormatUtil
       case Registry.ASN1_ENCODING_ID:
         result = Registry.ASN1_ENCODING_SHORT_NAME;
         break;
+      default:
+	result = null;
       }
 
     return result;
diff --git a/gnu/java/security/util/Sequence.java b/gnu/java/security/util/Sequence.java
index 8069ce891..ac9427137 100644
--- a/gnu/java/security/util/Sequence.java
+++ b/gnu/java/security/util/Sequence.java
@@ -1,5 +1,5 @@
 /* Sequence.java -- a sequence of integers.
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -122,13 +122,15 @@ public final class Sequence
     return sequence[index];
   }
 
+  @Override
   public int size()
   {
     return sequence.length;
   }
 
+  @Override
   public Object[] toArray()
   {
-    return (Object[]) sequence.clone();
+    return sequence.clone();
   }
 }
diff --git a/gnu/java/security/util/SimpleList.java b/gnu/java/security/util/SimpleList.java
index 2d3bd3525..cf0d64b3c 100644
--- a/gnu/java/security/util/SimpleList.java
+++ b/gnu/java/security/util/SimpleList.java
@@ -1,5 +1,5 @@
 /* SimpleList.java -- simple way to make tuples.
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -131,6 +131,7 @@ public final class SimpleList
       elements[i++] = o;
   }
 
+  @Override
   public int size()
   {
     if (elements == null)
@@ -138,6 +139,7 @@ public final class SimpleList
     return elements.length;
   }
 
+  @Override
   public Object get(int index)
   {
     if (elements == null)
@@ -147,6 +149,7 @@ public final class SimpleList
     return elements[index];
   }
 
+  @Override
   public String toString()
   {
     return SimpleList.class.getName() + "(" + size() + ") " + super.toString();
diff --git a/gnu/java/security/util/Util.java b/gnu/java/security/util/Util.java
index ef3d480a0..5bbb7264b 100644
--- a/gnu/java/security/util/Util.java
+++ b/gnu/java/security/util/Util.java
@@ -1,5 +1,5 @@
 /* Util.java -- various utility routines.
-   Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -467,6 +467,7 @@ public class Util
         b1 = buffer[0];
         b2 = buffer[1];
         break;
+      default: // do nothing
       }
     CPStringBuilder sb = new CPStringBuilder();
     int c;
@@ -499,19 +500,16 @@ public class Util
           }
         if (pos >= len)
           break;
-        else
-          {
-            try
-              {
-                b0 = buffer[pos++];
-                b1 = buffer[pos++];
-                b2 = buffer[pos++];
-              }
-            catch (ArrayIndexOutOfBoundsException x)
-              {
-                break;
-              }
-          }
+	try
+	  {
+	    b0 = buffer[pos++];
+	    b1 = buffer[pos++];
+	    b2 = buffer[pos++];
+	  }
+	catch (ArrayIndexOutOfBoundsException x)
+	  {
+	    break;
+	  }
       }
     while (true);
 
diff --git a/gnu/java/security/x509/PolicyNodeImpl.java b/gnu/java/security/x509/PolicyNodeImpl.java
index 65dd472c7..c5c74cd14 100644
--- a/gnu/java/security/x509/PolicyNodeImpl.java
+++ b/gnu/java/security/x509/PolicyNodeImpl.java
@@ -1,5 +1,5 @@
 /* PolicyNodeImpl.java -- An implementation of a policy tree node.
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -116,11 +116,11 @@ public final class PolicyNodeImpl implements PolicyNode
     expectedPolicies.addAll(policies);
   }
 
-  public void addExpectedPolicy(String policy)
+  public void addExpectedPolicy(String expectedPolicy)
   {
     if (readOnly)
       throw new IllegalStateException("read only");
-    expectedPolicies.add(policy);
+    expectedPolicies.add(expectedPolicy);
   }
 
   @Override
@@ -135,14 +135,18 @@ public final class PolicyNodeImpl implements PolicyNode
     return parent;
   }
 
-  public void addAllPolicyQualifiers (Collection<? extends PolicyQualifierInfo> qualifiers)
+  public void addAllPolicyQualifiers (Collection<? extends PolicyQualifierInfo> policyQualifiers)
   {
-    for (Iterator<? extends PolicyQualifierInfo> it = qualifiers.iterator(); it.hasNext(); )
+    try
       {
-        if (!(it.next() instanceof PolicyQualifierInfo))
-          throw new IllegalArgumentException ("can only add PolicyQualifierInfos");
+	for (Iterator<? extends PolicyQualifierInfo> it = policyQualifiers.iterator(); it.hasNext();) { it.next(); }
       }
-    this.qualifiers.addAll (qualifiers);
+    catch (ClassCastException ex)
+      {
+	throw new IllegalArgumentException ("can only add PolicyQualifierInfos",
+					    ex);
+      }
+    qualifiers.addAll (policyQualifiers);
   }
 
   public void addPolicyQualifier (PolicyQualifierInfo qualifier)
@@ -192,7 +196,8 @@ public final class PolicyNodeImpl implements PolicyNode
     for (Iterator<? extends PolicyNode> it = getChildren(); it.hasNext(); )
       ((PolicyNodeImpl) it.next()).setReadOnly();
   }
-
+  
+  @Override
   public String toString()
   {
     CPStringBuilder buf = new CPStringBuilder();
diff --git a/gnu/java/security/x509/X500DistinguishedName.java b/gnu/java/security/x509/X500DistinguishedName.java
index ab7f99aa9..7c028444c 100644
--- a/gnu/java/security/x509/X500DistinguishedName.java
+++ b/gnu/java/security/x509/X500DistinguishedName.java
@@ -1,5 +1,5 @@
 /* X500DistinguishedName.java -- X.500 distinguished name.
-   Copyright (C) 2004, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -99,17 +99,10 @@ public class X500DistinguishedName implements Principal
     components.add(currentRdn);
   }
 
-  public X500DistinguishedName(String name)
+  public X500DistinguishedName(String name) throws IOException
   {
     this();
-    try
-      {
-        parseString(name);
-      }
-    catch (IOException ioe)
-      {
-        throw new IllegalArgumentException(ioe.toString());
-      }
+    parseString(name);
   }
 
   public X500DistinguishedName(byte[] encoded) throws IOException
@@ -127,6 +120,7 @@ public class X500DistinguishedName implements Principal
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public String getName()
   {
     return toString();
@@ -246,6 +240,7 @@ public class X500DistinguishedName implements Principal
     currentRdn = Collections.emptyMap();
   }
 
+  @Override
   public int hashCode()
   {
     int sum = 0;
@@ -261,6 +256,7 @@ public class X500DistinguishedName implements Principal
     return sum;
   }
 
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof X500DistinguishedName))
@@ -282,6 +278,7 @@ public class X500DistinguishedName implements Principal
     return true;
   }
 
+  @Override
   public String toString()
   {
     if (fixed && stringRep != null)
@@ -332,7 +329,7 @@ public class X500DistinguishedName implements Principal
   public byte[] getDer()
   {
     if (fixed && encoded != null)
-      return (byte[]) encoded.clone();
+      return encoded.clone();
 
     ArrayList<DERValue> name = new ArrayList<DERValue>(components.size());
     for (Map<OID,String> m : components)
@@ -351,7 +348,7 @@ public class X500DistinguishedName implements Principal
         name.add(new DERValue(DER.SET|DER.CONSTRUCTED, rdn));
       }
     DERValue val = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, name);
-    return (byte[]) (encoded = val.getEncoded()).clone();
+    return (encoded = val.getEncoded()).clone();
   }
 
   // Own methods.
@@ -375,7 +372,7 @@ public class X500DistinguishedName implements Principal
     setUnmodifiable();
   }
 
-  private String readAttributeType(Reader in) throws IOException
+  private static String readAttributeType(Reader in) throws IOException
   {
     CPStringBuilder buf = new CPStringBuilder();
     int ch;
diff --git a/gnu/java/security/x509/X509CRL.java b/gnu/java/security/x509/X509CRL.java
index 9e1ed0f5c..b95c411ac 100644
--- a/gnu/java/security/x509/X509CRL.java
+++ b/gnu/java/security/x509/X509CRL.java
@@ -136,6 +136,7 @@ public class X509CRL extends java.security.cert.X509CRL
   // X509CRL methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof X509CRL))
@@ -143,6 +144,7 @@ public class X509CRL extends java.security.cert.X509CRL
     return ((X509CRL) o).getRevokedCertificates().equals(revokedCerts.values());
   }
 
+  @Override
   public int hashCode()
   {
     return revokedCerts.hashCode();
@@ -151,7 +153,7 @@ public class X509CRL extends java.security.cert.X509CRL
   @Override
   public byte[] getEncoded() throws CRLException
   {
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
   @Override
@@ -184,6 +186,7 @@ public class X509CRL extends java.security.cert.X509CRL
     return issuerDN;
   }
 
+  @Override
   public X500Principal getIssuerX500Principal()
   {
     return new X500Principal(issuerDN.getDer());
@@ -218,13 +221,13 @@ public class X509CRL extends java.security.cert.X509CRL
   @Override
   public byte[] getTBSCertList() throws CRLException
   {
-    return (byte[]) tbsCRLBytes.clone();
+    return tbsCRLBytes.clone();
   }
 
   @Override
   public byte[] getSignature()
   {
-    return (byte[]) rawSig.clone();
+    return rawSig.clone();
   }
 
   @Override
@@ -251,13 +254,14 @@ public class X509CRL extends java.security.cert.X509CRL
   public byte[] getSigAlgParams()
   {
     if (sigAlgParams != null)
-      return (byte[]) sigAlgParams.clone();
+      return sigAlgParams.clone();
     return null;
   }
 
   // X509Extension methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public boolean hasUnsupportedCriticalExtension()
   {
     for (Extension e : extensions.values())
@@ -267,7 +271,8 @@ public class X509CRL extends java.security.cert.X509CRL
       }
     return false;
   }
-
+  
+  @Override
   public Set<String> getCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -279,6 +284,7 @@ public class X509CRL extends java.security.cert.X509CRL
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public Set<String> getNonCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -290,6 +296,7 @@ public class X509CRL extends java.security.cert.X509CRL
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public byte[] getExtensionValue(String oid)
   {
     Extension e = getExtension(new OID(oid));
@@ -324,13 +331,14 @@ public class X509CRL extends java.security.cert.X509CRL
     return X509CRL.class.getName();
   }
 
+  @Override
   public boolean isRevoked(Certificate cert)
   {
     if (!(cert instanceof java.security.cert.X509Certificate))
       throw new IllegalArgumentException("not a X.509 certificate");
     BigInteger certSerial =
       ((java.security.cert.X509Certificate) cert).getSerialNumber();
-    X509CRLEntry ent = (X509CRLEntry) revokedCerts.get(certSerial);
+    X509CRLEntry ent = revokedCerts.get(certSerial);
     if (ent == null)
       return false;
     return ent.getRevocationDate().compareTo(new Date()) < 0;
@@ -485,7 +493,7 @@ public class X509CRL extends java.security.cert.X509CRL
         if (Configuration.DEBUG)
           log.fine("sig params tag = " + val.getTag() + " len == "
                    + val.getEncodedLength());
-        sigAlgParams = (byte[]) val.getEncoded();
+        sigAlgParams = val.getEncoded();
         if (val.isConstructed())
           in.skip(val.getLength());
       }
diff --git a/gnu/java/security/x509/X509CRLEntry.java b/gnu/java/security/x509/X509CRLEntry.java
index b54f8eae6..d0c8da1d4 100644
--- a/gnu/java/security/x509/X509CRLEntry.java
+++ b/gnu/java/security/x509/X509CRLEntry.java
@@ -131,7 +131,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
   @Override
   public byte[] getEncoded() throws CRLException
   {
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
   @Override
@@ -162,6 +162,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
   // X509Extension methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public boolean hasUnsupportedCriticalExtension()
   {
     for (Extension e : extensions.values())
@@ -172,6 +173,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
     return false;
   }
 
+  @Override
   public Set<String> getCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -183,6 +185,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public Set<String> getNonCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -194,6 +197,7 @@ class X509CRLEntry extends java.security.cert.X509CRLEntry
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public byte[] getExtensionValue(String oid)
   {
     Extension e = getExtension(new OID(oid));
diff --git a/gnu/java/security/x509/X509CRLSelectorImpl.java b/gnu/java/security/x509/X509CRLSelectorImpl.java
index c8f25d58d..9112aabf1 100644
--- a/gnu/java/security/x509/X509CRLSelectorImpl.java
+++ b/gnu/java/security/x509/X509CRLSelectorImpl.java
@@ -1,5 +1,5 @@
 /* X509CRLSelectorImpl.java -- implementation of an X509CRLSelector.
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -80,7 +80,7 @@ public class X509CRLSelectorImpl implements CRLSelector
     issuerNames.add(new X500DistinguishedName(issuerName));
   }
 
-  public void addIssuerName(String issuerName)
+  public void addIssuerName(String issuerName) throws IOException
   {
     issuerNames.add(new X500DistinguishedName(issuerName));
   }
diff --git a/gnu/java/security/x509/X509CertPath.java b/gnu/java/security/x509/X509CertPath.java
index d2e12d269..d1be2ee27 100644
--- a/gnu/java/security/x509/X509CertPath.java
+++ b/gnu/java/security/x509/X509CertPath.java
@@ -1,5 +1,5 @@
 /* X509CertPath.java -- an X.509 certificate path.
-   Copyright (C) 2004, 2014  Free Software Fonudation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Fonudation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -117,16 +117,19 @@ public class X509CertPath extends CertPath
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public List<Certificate> getCertificates()
   {
     return path; // already unmodifiable
   }
 
+  @Override
   public byte[] getEncoded() throws CertificateEncodingException
   {
     return getEncoded(ENCODINGS.get(0));
   }
 
+  @Override
   public byte[] getEncoded(String encoding) throws CertificateEncodingException
   {
     if (encoding.equalsIgnoreCase("PkiPath"))
@@ -142,7 +145,7 @@ public class X509CertPath extends CertPath
                 throw new CertificateEncodingException();
               }
           }
-        return (byte[]) pkiEncoded.clone();
+        return pkiEncoded.clone();
       }
     else if (encoding.equalsIgnoreCase("PKCS7"))
       {
@@ -157,12 +160,13 @@ public class X509CertPath extends CertPath
                 throw new CertificateEncodingException();
               }
           }
-        return (byte[]) pkcsEncoded.clone();
+        return pkcsEncoded.clone();
       }
     else
       throw new CertificateEncodingException("unknown encoding: " + encoding);
   }
 
+  @Override
   public Iterator<String> getEncodings()
   {
     return ENCODINGS.iterator(); // already unmodifiable
@@ -175,12 +179,12 @@ public class X509CertPath extends CertPath
     throws CertificateEncodingException, IOException
   {
     DERReader der = new DERReader(in);
-    DERValue path = null;
+    DERValue parsedPath = null;
     if (encoding.equalsIgnoreCase("PkiPath"))
       {
         // PKI encoding is just a SEQUENCE of X.509 certificates.
-        path = der.read();
-        if (!path.isConstructed())
+        parsedPath = der.read();
+        if (!parsedPath.isConstructed())
           throw new DEREncodingException("malformed PkiPath");
       }
     else if (encoding.equalsIgnoreCase("PKCS7"))
@@ -226,8 +230,8 @@ public class X509CertPath extends CertPath
         if (!value.isConstructed())
           throw new DEREncodingException("malformed ContentInfo");
         der.skip(value.getLength());
-        path = der.read();
-        if (!path.isConstructed() || path.getTag() != 0)
+        parsedPath = der.read();
+        if (!parsedPath.isConstructed() || parsedPath.getTag() != 0)
           throw new DEREncodingException("no certificates");
       }
     else
@@ -235,7 +239,7 @@ public class X509CertPath extends CertPath
 
     LinkedList<Certificate> certs = new LinkedList<Certificate>();
     int len = 0;
-    while (len < path.getLength())
+    while (len < parsedPath.getLength())
       {
         DERValue cert = der.read();
         try
@@ -250,7 +254,7 @@ public class X509CertPath extends CertPath
         der.skip(cert.getLength());
       }
 
-    this.path = Collections.unmodifiableList(certs);
+    path = Collections.unmodifiableList(certs);
   }
 
   private byte[] encodePki()
diff --git a/gnu/java/security/x509/X509CertSelectorImpl.java b/gnu/java/security/x509/X509CertSelectorImpl.java
index e7c7ff81b..7e778dda2 100644
--- a/gnu/java/security/x509/X509CertSelectorImpl.java
+++ b/gnu/java/security/x509/X509CertSelectorImpl.java
@@ -1,5 +1,5 @@
 /* X509CertSelectorImpl.java -- implementation of an X509CertSelector.
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -81,7 +81,7 @@ public class X509CertSelectorImpl implements CertSelector
     issuerNames.add(new X500DistinguishedName(issuerName));
   }
 
-  public void addIssuerName(String issuerName)
+  public void addIssuerName(String issuerName) throws IOException
   {
     issuerNames.add(new X500DistinguishedName(issuerName));
   }
diff --git a/gnu/java/security/x509/X509Certificate.java b/gnu/java/security/x509/X509Certificate.java
index c7856bd0c..22e213d17 100644
--- a/gnu/java/security/x509/X509Certificate.java
+++ b/gnu/java/security/x509/X509Certificate.java
@@ -1,5 +1,5 @@
 /* X509Certificate.java -- X.509 certificate.
-   Copyright (C) 2003, 2004, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -56,7 +56,6 @@ import gnu.java.security.x509.ext.SubjectAlternativeNames;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.PrintWriter;
-import java.io.Serializable;
 import java.io.StringWriter;
 import java.math.BigInteger;
 import java.security.AlgorithmParameters;
@@ -97,7 +96,7 @@ import javax.security.auth.x500.X500Principal;
  * @author Casey Marshall (rsdio@metastatic.org)
  */
 public class X509Certificate extends java.security.cert.X509Certificate
-  implements Serializable, GnuPKIExtension
+  implements GnuPKIExtension
 {
 
   // Constants and fields.
@@ -185,12 +184,14 @@ public class X509Certificate extends java.security.cert.X509Certificate
   // X509Certificate methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public void checkValidity()
     throws CertificateExpiredException, CertificateNotYetValidException
   {
     checkValidity(new Date());
   }
 
+  @Override
   public void checkValidity(Date date)
     throws CertificateExpiredException, CertificateNotYetValidException
   {
@@ -203,57 +204,68 @@ public class X509Certificate extends java.security.cert.X509Certificate
         throw new CertificateExpiredException();
       }
   }
-
+ 
+  @Override
   public int getVersion()
   {
     return version;
   }
 
+  @Override
   public BigInteger getSerialNumber()
   {
     return serialNo;
   }
 
+  @Override
   public Principal getIssuerDN()
   {
     return issuer;
   }
 
+  @Override
   public X500Principal getIssuerX500Principal()
   {
     return new X500Principal(issuer.getDer());
   }
 
+  @Override
   public Principal getSubjectDN()
   {
     return subject;
   }
 
+  @Override
   public X500Principal getSubjectX500Principal()
   {
     return new X500Principal(subject.getDer());
   }
 
+  @Override
   public Date getNotBefore()
   {
     return (Date) notBefore.clone();
   }
 
+  @Override
   public Date getNotAfter()
   {
     return (Date) notAfter.clone();
   }
 
+  @Override
   public byte[] getTBSCertificate() throws CertificateEncodingException
   {
-    return (byte[]) tbsCertBytes.clone();
+    return tbsCertBytes.clone();
   }
 
+  @Override
   public byte[] getSignature()
   {
-    return (byte[]) signature.clone();
+    return signature.clone();
   }
 
+  @Override
   public String getSigAlgName()
   {
     if (sigAlgId.equals(ID_DSA_WITH_SHA1))
@@ -275,16 +287,19 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return "unknown";
   }
 
+  @Override
   public String getSigAlgOID()
   {
     return sigAlgId.toString();
   }
 
+  @Override
   public byte[] getSigAlgParams()
   {
-    return (byte[]) sigAlgVal.clone();
+    return sigAlgVal.clone();
   }
 
+  @Override
   public boolean[] getIssuerUniqueID()
   {
     if (issuerUniqueId != null)
@@ -294,6 +309,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public boolean[] getSubjectUniqueID()
   {
     if (subjectUniqueId != null)
@@ -303,6 +319,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public boolean[] getKeyUsage()
   {
     Extension e = getExtension(KeyUsage.ID);
@@ -317,6 +334,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public List<String> getExtendedKeyUsage() throws CertificateParsingException
   {
     Extension e = getExtension(ExtendedKeyUsage.ID);
@@ -331,6 +349,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public int getBasicConstraints()
   {
     Extension e = getExtension(BasicConstraints.ID);
@@ -341,6 +360,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return -1;
   }
 
+  @Override
   public Collection<List<?>> getSubjectAlternativeNames()
     throws CertificateParsingException
   {
@@ -353,7 +373,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
         for (GeneralName name : names)
           {
             List<Object> n = new ArrayList<Object>(2);
-            n.add(name.kind().tag());
+            n.add(Integer.valueOf(name.kind().tag()));
             n.add(name.name());
             list.add(n);
           }
@@ -362,6 +382,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return null;
   }
 
+  @Override
   public Collection<List<?>> getIssuerAlternativeNames()
     throws CertificateParsingException
   {
@@ -374,7 +395,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
         for (GeneralName name : names)
           {
             List<Object> n = new ArrayList<Object>(2);
-            n.add(name.kind().tag());
+            n.add(Integer.valueOf(name.kind().tag()));
             n.add(name.name());
             list.add(n);
           }
@@ -385,7 +406,8 @@ public class X509Certificate extends java.security.cert.X509Certificate
 
 // X509Extension methods.
   // ------------------------------------------------------------------------
-
+  
+  @Override
   public boolean hasUnsupportedCriticalExtension()
   {
     for (Extension e : extensions.values())
@@ -396,6 +418,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return false;
   }
 
+  @Override
   public Set<String> getCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -407,6 +430,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public Set<String> getNonCriticalExtensionOIDs()
   {
     HashSet<String> s = new HashSet<String>();
@@ -418,6 +442,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return Collections.unmodifiableSet(s);
   }
 
+  @Override
   public byte[] getExtensionValue(String oid)
   {
     Extension e = getExtension(new OID(oid));
@@ -446,11 +471,13 @@ public class X509Certificate extends java.security.cert.X509Certificate
   // Certificate methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public byte[] getEncoded() throws CertificateEncodingException
   {
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public void verify(PublicKey key)
     throws CertificateException, NoSuchAlgorithmException,
            InvalidKeyException, NoSuchProviderException, SignatureException
@@ -459,6 +486,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     doVerify(sig, key);
   }
 
+  @Override
   public void verify(PublicKey key, String provider)
     throws CertificateException, NoSuchAlgorithmException,
            InvalidKeyException, NoSuchProviderException, SignatureException
@@ -467,6 +495,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     doVerify(sig, key);
   }
 
+  @Override
   public String toString()
   {
     StringWriter str = new StringWriter();
@@ -515,6 +544,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
     return str.toString();
   }
 
+  @Override
   public PublicKey getPublicKey()
   {
     return subjectKey;
@@ -562,11 +592,11 @@ public class X509Certificate extends java.security.cert.X509Certificate
   /**
    * Parse a DER stream into an X.509 certificate.
    *
-   * @param encoded The encoded bytes.
+   * @param enc The encoded bytes.
    */
-  private void parse(InputStream encoded) throws Exception
+  private void parse(InputStream enc) throws Exception
   {
-    DERReader der = new DERReader(encoded);
+    DERReader der = new DERReader(enc);
 
     // Certificate ::= SEQUENCE {
     DERValue cert = der.read();
@@ -635,7 +665,7 @@ public class X509Certificate extends java.security.cert.X509Certificate
             algVal = val.getEncoded();
 
             if (val.isConstructed())
-              encoded.skip(val.getLength());
+              enc.skip(val.getLength());
           }
         logger.log (Component.X509, "read algorithm parameters == {0}", algVal);
       }
@@ -744,11 +774,11 @@ public class X509Certificate extends java.security.cert.X509Certificate
           }
         else
           {
-            sigAlgVal = (byte[]) val.getEncoded();
+            sigAlgVal = val.getEncoded();
           }
         if (val.isConstructed())
           {
-            encoded.skip(val.getLength());
+            enc.skip(val.getLength());
           }
         logger.log (Component.X509, "read parameters == {0}", sigAlgVal);
       }
diff --git a/gnu/java/security/x509/ext/AuthorityKeyIdentifier.java b/gnu/java/security/x509/ext/AuthorityKeyIdentifier.java
index a94b76f09..de280b0e3 100644
--- a/gnu/java/security/x509/ext/AuthorityKeyIdentifier.java
+++ b/gnu/java/security/x509/ext/AuthorityKeyIdentifier.java
@@ -1,5 +1,5 @@
 /* AuthorityKeyIdentifier.java -- Authority key identifier extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -123,6 +123,7 @@ public class AuthorityKeyIdentifier extends Extension.Value
     return authorityCertSerialNumber;
   }
 
+  @Override
   public String toString()
   {
     return AuthorityKeyIdentifier.class.getName() + " [ keyId=" +
diff --git a/gnu/java/security/x509/ext/BasicConstraints.java b/gnu/java/security/x509/ext/BasicConstraints.java
index 52d9f39cd..e4f031abc 100644
--- a/gnu/java/security/x509/ext/BasicConstraints.java
+++ b/gnu/java/security/x509/ext/BasicConstraints.java
@@ -1,5 +1,5 @@
 /* BasicConstraints.java -- the basic constraints extension.
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -107,6 +107,7 @@ public class BasicConstraints extends Extension.Value
     return pathLenConstraint;
   }
 
+  @Override
   public byte[] getEncoded()
   {
     if (encoded == null)
@@ -115,12 +116,13 @@ public class BasicConstraints extends Extension.Value
         bc.add (new DERValue (DER.BOOLEAN, Boolean.valueOf (ca)));
         if (pathLenConstraint >= 0)
           bc.add (new DERValue (DER.INTEGER,
-                                BigInteger.valueOf ((long) pathLenConstraint)));
+                                BigInteger.valueOf (pathLenConstraint)));
         encoded = new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, bc).getEncoded();
       }
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String toString()
   {
     return BasicConstraints.class.getName() + " [ isCA=" + ca +
diff --git a/gnu/java/security/x509/ext/CRLNumber.java b/gnu/java/security/x509/ext/CRLNumber.java
index 36b1c7b5f..42c3cc7fc 100644
--- a/gnu/java/security/x509/ext/CRLNumber.java
+++ b/gnu/java/security/x509/ext/CRLNumber.java
@@ -1,5 +1,5 @@
 /* CRLNumber.java -- CRL number extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -81,15 +81,17 @@ public class CRLNumber extends Extension.Value
     return number;
   }
 
+  @Override
   public byte[] getEncoded()
   {
     if (encoded == null)
       {
         encoded = new DERValue (DER.INTEGER, number).getEncoded();
       }
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String toString()
   {
     return CRLNumber.class.getName() + " [ " + number + " ]";
diff --git a/gnu/java/security/x509/ext/CertificatePolicies.java b/gnu/java/security/x509/ext/CertificatePolicies.java
index 9b36485b2..64879f933 100644
--- a/gnu/java/security/x509/ext/CertificatePolicies.java
+++ b/gnu/java/security/x509/ext/CertificatePolicies.java
@@ -1,5 +1,5 @@
 /* CertificatePolicies.java -- certificate policy extension.
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -146,8 +146,8 @@ public class CertificatePolicies extends Extension.Value
 	  }
 	try
 	  {
-	    for (Iterator<PolicyQualifierInfo> i = e.getValue().iterator();
-		 i.hasNext(); i.next());
+	    Iterator<PolicyQualifierInfo> i = e.getValue().iterator();
+	    while (i.hasNext()) { i.next(); }
 	  }
 	catch (ClassCastException cce)
 	  {
@@ -188,6 +188,7 @@ public class CertificatePolicies extends Extension.Value
     return policyQualifierInfos.get(oid);
   }
 
+  @Override
   public byte[] getEncoded()
   {
     if (encoded == null)
@@ -219,9 +220,10 @@ public class CertificatePolicies extends Extension.Value
           }
         encoded = new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, pol).getEncoded();
       }
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String toString()
   {
     return CertificatePolicies.class.getName() + " [ policies=" + policies +
diff --git a/gnu/java/security/x509/ext/ExtendedKeyUsage.java b/gnu/java/security/x509/ext/ExtendedKeyUsage.java
index 428013d04..d6e08167b 100644
--- a/gnu/java/security/x509/ext/ExtendedKeyUsage.java
+++ b/gnu/java/security/x509/ext/ExtendedKeyUsage.java
@@ -1,5 +1,5 @@
 /* ExtendedKeyUsage.java -- the extended key usage extension.
-   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -88,6 +88,7 @@ public class ExtendedKeyUsage extends Extension.Value
     return Collections.unmodifiableList(purposeIds);
   }
 
+  @Override
   public String toString()
   {
     return ExtendedKeyUsage.class.getName() + " [ " + purposeIds + " ]";
diff --git a/gnu/java/security/x509/ext/Extension.java b/gnu/java/security/x509/ext/Extension.java
index b740c8ac4..c16c9303c 100644
--- a/gnu/java/security/x509/ext/Extension.java
+++ b/gnu/java/security/x509/ext/Extension.java
@@ -1,5 +1,5 @@
 /* Extension.java -- an X.509 certificate or CRL extension.
-   Copyright (C) 2004, 2006, 2010  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2010, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -85,7 +85,7 @@ public class Extension
 
   public Extension(byte[] encoded) throws IOException
   {
-    this.encoded = (byte[]) encoded.clone();
+    this.encoded = encoded.clone();
     DERReader der = new DERReader(encoded);
 
     // Extension ::= SEQUENCE {
@@ -220,9 +220,10 @@ public class Extension
   {
     if (encoded == null)
       encode();
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String toString()
   {
     return Extension.class.getName() + " [ id=" + oid + " critical=" +
@@ -262,7 +263,7 @@ public class Extension
 
     public Value(byte[] encoded)
     {
-      this.encoded = (byte[]) encoded.clone();
+      this.encoded = encoded.clone();
     }
 
     protected Value() { }
@@ -272,9 +273,10 @@ public class Extension
 
     public byte[] getEncoded()
     {
-      return (byte[]) encoded;
+      return encoded;
     }
 
+    @Override
     public int hashCode()
     {
       int result = 0;
@@ -283,6 +285,7 @@ public class Extension
       return result;
     }
 
+    @Override
     public boolean equals(Object o)
     {
       if (!(o instanceof Value))
@@ -290,6 +293,7 @@ public class Extension
       return Arrays.equals(encoded, ((Value) o).encoded);
     }
 
+    @Override
     public String toString()
     {
       return Util.toHexString(encoded, ':');
diff --git a/gnu/java/security/x509/ext/GeneralName.java b/gnu/java/security/x509/ext/GeneralName.java
index f399de1b7..d4a7f9b5e 100644
--- a/gnu/java/security/x509/ext/GeneralName.java
+++ b/gnu/java/security/x509/ext/GeneralName.java
@@ -1,5 +1,5 @@
 /* GeneralName.java -- a GeneralName.
-   Copyright (C) 2006  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -45,6 +45,7 @@ import gnu.java.security.x509.Util;
 
 import java.io.IOException;
 import java.util.Arrays;
+import java.util.Objects;
 
 /**
  * The GeneralName structure from X.509.
@@ -106,16 +107,16 @@ public class GeneralName
         case 6: return uniformResourceIdentifier;
         case 7: return iPAddress;
         case 8: return registeredId;
+        default:
+	  throw new IllegalArgumentException("invalid tag: " + tag);
       }
-
-      throw new IllegalArgumentException("invalid tag: " + tag);
     }
 
     public int tag()
     {
       return tag;
     }
-  };
+  }
 
   private final Kind kind;
   private final byte[] name;
@@ -185,7 +186,7 @@ public class GeneralName
   public GeneralName(Kind kind, byte[] name)
   {
     this.kind = kind;
-    this.name = (byte[]) name.clone();
+    this.name = name.clone();
     this.encoded = null;
   }
 
@@ -196,27 +197,21 @@ public class GeneralName
 
   public byte[] name()
   {
-    return (byte[]) name.clone();
+    return name.clone();
   }
 
   public byte[] encoded()
   {
-    try
-      {
-        return (byte[]) encoded.clone();
-      }
-    catch (NullPointerException npe)
-      {
-        return null;
-      }
+    return (encoded == null ? null : encoded.clone());
   }
 
+  @Override
   public boolean equals(Object o)
   {
     try
       {
         GeneralName that = (GeneralName) o;
-        return (that.kind() == kind() && Arrays.equals(name, that.name));
+        return (that.kind() == kind && Arrays.equals(name, that.name));
       }
     catch (ClassCastException cce)
       {
@@ -224,6 +219,13 @@ public class GeneralName
       }
   }
 
+  @Override
+  public int hashCode()
+  {
+    return Objects.hash(kind, name);
+  }
+
+  @Override
   public String toString()
   {
     return (super.toString() + " [ kind=" + kind + "; name=" +
diff --git a/gnu/java/security/x509/ext/GeneralNames.java b/gnu/java/security/x509/ext/GeneralNames.java
index f56ee963b..45132ed0f 100644
--- a/gnu/java/security/x509/ext/GeneralNames.java
+++ b/gnu/java/security/x509/ext/GeneralNames.java
@@ -1,5 +1,5 @@
 /* GeneralNames.java -- the GeneralNames object
-   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -82,6 +82,7 @@ public class GeneralNames
     return Collections.unmodifiableList(names);
   }
 
+  @Override
   public String toString()
   {
     return GeneralNames.class.getName() + " [ " + names + " ]";
diff --git a/gnu/java/security/x509/ext/GeneralSubtree.java b/gnu/java/security/x509/ext/GeneralSubtree.java
index 5d688deaa..f5097a507 100644
--- a/gnu/java/security/x509/ext/GeneralSubtree.java
+++ b/gnu/java/security/x509/ext/GeneralSubtree.java
@@ -1,5 +1,5 @@
 /* GeneralSubtree.java --
-   Copyright (C) 2006  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -147,6 +147,7 @@ public class GeneralSubtree
     return maximum;
   }
 
+  @Override
   public String toString()
   {
     return (GeneralSubtree.class.getName() + " [ base=" + base
diff --git a/gnu/java/security/x509/ext/IssuerAlternativeNames.java b/gnu/java/security/x509/ext/IssuerAlternativeNames.java
index 080070b98..1c502c37c 100644
--- a/gnu/java/security/x509/ext/IssuerAlternativeNames.java
+++ b/gnu/java/security/x509/ext/IssuerAlternativeNames.java
@@ -1,5 +1,5 @@
 /* IssuerAlternatuveNames.java -- issuer alternative names extension.
-   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -70,6 +70,7 @@ public class IssuerAlternativeNames extends Extension.Value
     return names.getNames();
   }
 
+  @Override
   public String toString()
   {
     return IssuerAlternativeNames.class.getName() + " [ " + names + " ]";
diff --git a/gnu/java/security/x509/ext/KeyUsage.java b/gnu/java/security/x509/ext/KeyUsage.java
index dcd98181e..f306e71a7 100644
--- a/gnu/java/security/x509/ext/KeyUsage.java
+++ b/gnu/java/security/x509/ext/KeyUsage.java
@@ -1,5 +1,5 @@
 /* KeyUsage.java -- the key usage extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -85,6 +85,7 @@ public class KeyUsage extends Extension.Value
     return keyUsage;
   }
 
+  @Override
   public String toString()
   {
     return KeyUsage.class.getName() + " [ " + keyUsage + " ]";
diff --git a/gnu/java/security/x509/ext/NameConstraints.java b/gnu/java/security/x509/ext/NameConstraints.java
index 8f374d560..f6104c9a3 100644
--- a/gnu/java/security/x509/ext/NameConstraints.java
+++ b/gnu/java/security/x509/ext/NameConstraints.java
@@ -1,5 +1,5 @@
 /* NameConstraints.java -- the NameConstraints X.509 extension.
-   Copyright (C) 2006  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -152,6 +152,7 @@ public class NameConstraints extends Value
     return Collections.unmodifiableList(excludedSubtrees);
   }
 
+  @Override
   public String toString()
   {
     return NameConstraints.class.getName() + " [ permittedSubtrees="
diff --git a/gnu/java/security/x509/ext/PolicyConstraint.java b/gnu/java/security/x509/ext/PolicyConstraint.java
index 20cf552a0..3d88987bb 100644
--- a/gnu/java/security/x509/ext/PolicyConstraint.java
+++ b/gnu/java/security/x509/ext/PolicyConstraint.java
@@ -1,5 +1,5 @@
 /* PolicyConstraint.java -- policyConstraint extension
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -98,6 +98,7 @@ public class PolicyConstraint extends Extension.Value
     return inhibitPolicyMapping;
   }
 
+  @Override
   public String toString()
   {
     return PolicyConstraint.class.getName() + " [ requireExplicitPolicy=" +
diff --git a/gnu/java/security/x509/ext/PolicyMappings.java b/gnu/java/security/x509/ext/PolicyMappings.java
index eeac340d3..27ce33e1a 100644
--- a/gnu/java/security/x509/ext/PolicyMappings.java
+++ b/gnu/java/security/x509/ext/PolicyMappings.java
@@ -1,5 +1,5 @@
 /* PolicyMappings.java -- policy mappings extension.
-   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -97,6 +97,7 @@ public class PolicyMappings extends Extension.Value
     return mappings.get(issuerDomainPolicy);
   }
 
+  @Override
   public String toString()
   {
     return PolicyMappings.class.getName() + " [ " + mappings + " ]";
diff --git a/gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java b/gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java
index 3b531c055..31416266a 100644
--- a/gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java
+++ b/gnu/java/security/x509/ext/PrivateKeyUsagePeriod.java
@@ -1,5 +1,5 @@
 /* PrivateKeyUsagePeriod.java -- private key usage period extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -97,6 +97,7 @@ public class PrivateKeyUsagePeriod extends Extension.Value
     return notAfter != null ? (Date) notAfter.clone() : null;
   }
 
+  @Override
   public String toString()
   {
     return PrivateKeyUsagePeriod.class.getName() + " [ notBefore=" + notBefore
diff --git a/gnu/java/security/x509/ext/ReasonCode.java b/gnu/java/security/x509/ext/ReasonCode.java
index a6d59e43a..7bc34af0b 100644
--- a/gnu/java/security/x509/ext/ReasonCode.java
+++ b/gnu/java/security/x509/ext/ReasonCode.java
@@ -1,5 +1,5 @@
 /* ReasonCode.java -- a reason code for a certificate revocation.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -78,6 +78,7 @@ public class ReasonCode extends Extension.Value
     return reason;
   }
 
+  @Override
   public String toString()
   {
     return ReasonCode.class.getName() + " [ " + reason + " ]";
diff --git a/gnu/java/security/x509/ext/SubjectAlternativeNames.java b/gnu/java/security/x509/ext/SubjectAlternativeNames.java
index 8b6347d99..590257735 100644
--- a/gnu/java/security/x509/ext/SubjectAlternativeNames.java
+++ b/gnu/java/security/x509/ext/SubjectAlternativeNames.java
@@ -1,5 +1,5 @@
 /* SubjectAlternatuveNames.java -- subject alternative names extension.
-   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -70,6 +70,7 @@ public class SubjectAlternativeNames extends Extension.Value
     return names.getNames();
   }
 
+  @Override
   public String toString()
   {
     return SubjectAlternativeNames.class.getName() + " [ " + names + " ]";
diff --git a/gnu/java/security/x509/ext/SubjectKeyIdentifier.java b/gnu/java/security/x509/ext/SubjectKeyIdentifier.java
index fc65abe21..eb0e6902d 100644
--- a/gnu/java/security/x509/ext/SubjectKeyIdentifier.java
+++ b/gnu/java/security/x509/ext/SubjectKeyIdentifier.java
@@ -1,5 +1,5 @@
 /* SubjectKeyIdentifier.java -- subject key identifier extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,9 +73,10 @@ public class SubjectKeyIdentifier extends Extension.Value
 
   public byte[] getKeyIdentifier()
   {
-    return (byte[]) keyIdentifier.clone();
+    return keyIdentifier.clone();
   }
 
+  @Override
   public String toString()
   {
     return SubjectKeyIdentifier.class.getName() + " [ " +
diff --git a/gnu/javax/security/auth/Password.java b/gnu/javax/security/auth/Password.java
index 8fb07ee6b..1f639a160 100644
--- a/gnu/javax/security/auth/Password.java
+++ b/gnu/javax/security/auth/Password.java
@@ -1,5 +1,5 @@
 /* Password.java -- opaque wrapper around a password.
-   Copyright (C) 2004, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -257,18 +257,16 @@ public final class Password extends ExpirableObject
    * method, {@link ExpirableObject#doDestroy()}.  See also,
    * {@link ExpirableObject#destroy()}.
    */
+  @Override
   protected synchronized void doDestroy()
   {
     if (isDestroyed())
       return;
-    else
-      {
-        for (int i = 0; i < password.length; i++)
-          password[i] = 0;
-        for (int i = 0; i < bPassword.length; i++)
-          bPassword[i] = 0;
-        mIsDestroyed = true;
-      }
+    for (int i = 0; i < password.length; i++)
+      password[i] = 0;
+    for (int i = 0; i < bPassword.length; i++)
+      bPassword[i] = 0;
+    mIsDestroyed = true;
   }
 
   /**
@@ -276,6 +274,7 @@ public final class Password extends ExpirableObject
    * {@link doDestroy()} method has been called.  See also,
    * {@ExpirableObject#destroy()}.
    */
+  @Override
   public synchronized boolean isDestroyed()
   {
     return (mIsDestroyed);
diff --git a/gnu/javax/security/auth/callback/AWTCallbackHandler.java b/gnu/javax/security/auth/callback/AWTCallbackHandler.java
index 5aad0335d..579dc5f7c 100644
--- a/gnu/javax/security/auth/callback/AWTCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/AWTCallbackHandler.java
@@ -92,6 +92,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   protected synchronized void handleChoice(ChoiceCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -142,6 +143,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handleConfirmation(ConfirmationCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -230,6 +232,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handleLanguage(LanguageCallback c)
   {
     Locale[] locales = Locale.getAvailableLocales();
@@ -279,6 +282,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
       }
   }
 
+  @Override
   protected synchronized void handleName(NameCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -316,6 +320,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handlePassword(PasswordCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -353,6 +358,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handleTextInput(TextInputCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -390,6 +396,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
     ownerFrame.dispose();
   }
 
+  @Override
   protected synchronized void handleTextOutput(TextOutputCallback c)
   {
     Frame ownerFrame = new Frame();
@@ -428,6 +435,7 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
   // ActionListener interface implementation.
   // -------------------------------------------------------------------------
 
+  @Override
   public synchronized void actionPerformed(ActionEvent ae)
   {
     actionCommand = ae.getActionCommand();
@@ -437,16 +445,17 @@ public class AWTCallbackHandler extends AbstractCallbackHandler
   // WindowListener interface implementation.
   // -------------------------------------------------------------------------
 
+  @Override
   public synchronized void windowClosing(WindowEvent we)
   {
     actionCommand = ACTION_NONE;
     notifyAll();
   }
 
-  public void windowOpened(WindowEvent we) { }
-  public void windowClosed(WindowEvent we) { }
-  public void windowIconified(WindowEvent we) { }
-  public void windowDeiconified(WindowEvent we) { }
-  public void windowActivated(WindowEvent we) { }
-  public void windowDeactivated(WindowEvent we) { }
+  @Override public void windowOpened(WindowEvent we) { }
+  @Override public void windowClosed(WindowEvent we) { }
+  @Override public void windowIconified(WindowEvent we) { }
+  @Override public void windowDeiconified(WindowEvent we) { }
+  @Override public void windowActivated(WindowEvent we) { }
+  @Override public void windowDeactivated(WindowEvent we) { }
 }
diff --git a/gnu/javax/security/auth/callback/AbstractCallbackHandler.java b/gnu/javax/security/auth/callback/AbstractCallbackHandler.java
index 31a7f5aca..4a0765b80 100644
--- a/gnu/javax/security/auth/callback/AbstractCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/AbstractCallbackHandler.java
@@ -1,5 +1,5 @@
 /* AbstractCallbackHandler.java --
-   Copyright (C) 2005, 2006  Free Software Foundation, Inc.
+   Copyright (C) 2005, 2006, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -42,7 +42,6 @@ import gnu.java.security.Engine;
 
 import java.io.IOException;
 import java.lang.reflect.InvocationTargetException;
-import java.util.PropertyResourceBundle;
 import java.util.ResourceBundle;
 
 import java.security.NoSuchAlgorithmException;
@@ -79,7 +78,7 @@ public abstract class AbstractCallbackHandler implements CallbackHandler
   protected AbstractCallbackHandler (final String name)
   {
     super();
-    messages = PropertyResourceBundle.getBundle("gnu/javax/security/auth/callback/MessagesBundle");
+    messages = ResourceBundle.getBundle("gnu/javax/security/auth/callback/MessagesBundle");
     this.name = name;
   }
 
@@ -179,6 +178,7 @@ public abstract class AbstractCallbackHandler implements CallbackHandler
     throw x;
   }
 
+  @Override
   public void handle(Callback[] callbacks)
     throws IOException, UnsupportedCallbackException
   {
@@ -220,63 +220,70 @@ public abstract class AbstractCallbackHandler implements CallbackHandler
    *
    * @param callback The choice callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleChoice(ChoiceCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link ConfirmationCallback}.
    *
    * @param callback The confirmation callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleConfirmation(ConfirmationCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link LanguageCallback}.
    *
    * @param callback The language callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleLanguage(LanguageCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link NameCallback}.
    *
    * @param callback The name callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleName(NameCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link PasswordCallback}.
    *
    * @param callback The password callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handlePassword(PasswordCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link TextInputCallback}.
    *
    * @param callback The text input callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleTextInput(TextInputCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles a {@link TextOutputCallback}.
    *
    * @param callback The text output callback.
    * @throws IOException If an I/O error occurs.
+   * @throws UnsupportedCallbackException if the callback can't be handled.
    */
   protected abstract void handleTextOutput(TextOutputCallback callback)
-    throws IOException;
+    throws IOException, UnsupportedCallbackException;
 
   /**
    * Handles an unknown callback. The default implementation simply throws
@@ -284,9 +291,10 @@ public abstract class AbstractCallbackHandler implements CallbackHandler
    *
    * @param callback The callback to handle.
    * @throws IOException If an I/O error occurs.
-   * @throws UnsupportedCallbackException If the specified callback is not
+   * @throws UnsupportedCallbackException if the specified callback is not
    *   supported.
    */
+  @SuppressWarnings({"static-method","unused"})
   protected void handleOther(Callback callback)
     throws IOException, UnsupportedCallbackException
   {
diff --git a/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java b/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java
index bb25ca049..298ee6f67 100644
--- a/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/ConsoleCallbackHandler.java
@@ -1,5 +1,5 @@
 /* ConsoleCallbackHandler.java --
-   Copyright (C) 2005, 2006, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2005, 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -85,6 +85,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   protected void handleChoice(ChoiceCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -147,12 +148,13 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
             int[] ii = new int[indices.size()];
             int i = 0;
             for (Iterator<Integer> it = indices.iterator(); it.hasNext(); )
-              ii[i++] = ((Integer) it.next()).intValue();
+              ii[i++] = it.next().intValue();
             c.setSelectedIndexes(ii);
           }
       }
   }
 
+  @Override
   protected void handleConfirmation(ConfirmationCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -249,6 +251,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
     c.setSelectedIndex(c.getDefaultOption());
   }
 
+  @Override
   protected void handleLanguage(LanguageCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -265,6 +268,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
       }
   }
 
+  @Override
   protected void handleName(NameCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -274,6 +278,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
       c.setName(name.trim());
   }
 
+  @Override
   protected void handlePassword(PasswordCallback c) throws IOException
   {
     out.print(c.getPrompt());
@@ -283,6 +288,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
     c.setPassword(pass.toCharArray());
   }
 
+  @Override
   protected void handleTextInput(TextInputCallback c) throws IOException
   {
     BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
@@ -292,6 +298,7 @@ public class ConsoleCallbackHandler extends AbstractCallbackHandler
       c.setText(text);
   }
 
+  @Override
   protected void handleTextOutput(TextOutputCallback c)
   {
     out.print(c.getMessage());
diff --git a/gnu/javax/security/auth/callback/DefaultCallbackHandler.java b/gnu/javax/security/auth/callback/DefaultCallbackHandler.java
index df0360b2e..afe1fb261 100644
--- a/gnu/javax/security/auth/callback/DefaultCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/DefaultCallbackHandler.java
@@ -1,5 +1,5 @@
 /* DefaultCallbackHandler.java --
-   Copyright (C) 2004, 2006 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2015 Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -66,11 +66,13 @@ public class DefaultCallbackHandler extends AbstractCallbackHandler
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   protected void handleChoice(ChoiceCallback c)
   {
     c.setSelectedIndex(c.getDefaultChoice());
   }
 
+  @Override
   protected void handleConfirmation(ConfirmationCallback c)
   {
     if (c.getOptionType() == ConfirmationCallback.YES_NO_OPTION)
@@ -83,26 +85,31 @@ public class DefaultCallbackHandler extends AbstractCallbackHandler
       c.setSelectedIndex(c.getDefaultOption());
   }
 
+  @Override
   protected void handleLanguage(LanguageCallback c)
   {
     c.setLocale(Locale.getDefault());
   }
 
+  @Override
   protected void handleName(NameCallback c)
   {
     c.setName(System.getProperty("user.name"));
   }
 
+  @Override
   protected void handlePassword(PasswordCallback c)
   {
     c.setPassword(new char[0]);
   }
 
+  @Override
   protected void handleTextInput(TextInputCallback c)
   {
     c.setText("");
   }
 
+  @Override
   protected void handleTextOutput(TextOutputCallback c)
   {
   }
diff --git a/gnu/javax/security/auth/callback/GnuCallbacks.java b/gnu/javax/security/auth/callback/GnuCallbacks.java
index 810452010..cc1bcb77e 100644
--- a/gnu/javax/security/auth/callback/GnuCallbacks.java
+++ b/gnu/javax/security/auth/callback/GnuCallbacks.java
@@ -53,6 +53,7 @@ public final class GnuCallbacks extends Provider
 
     AccessController.doPrivileged(new PrivilegedAction<Void>()
       {
+	@Override
         public Void run()
         {
           put("CallbackHandler.Default", DefaultCallbackHandler.class.getName());
diff --git a/gnu/javax/security/auth/callback/SwingCallbackHandler.java b/gnu/javax/security/auth/callback/SwingCallbackHandler.java
index c9d5b3eb5..8076ffba1 100644
--- a/gnu/javax/security/auth/callback/SwingCallbackHandler.java
+++ b/gnu/javax/security/auth/callback/SwingCallbackHandler.java
@@ -1,5 +1,5 @@
  /* SwingCallbackHandler.java --
-    Copyright (C) 2006  Free Software Foundation, Inc.
+    Copyright (C) 2006, 2014, 2015  Free Software Foundation, Inc.
 
 This file is a part of GNU Classpath.
 
@@ -60,6 +60,7 @@ import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.TextInputCallback;
 import javax.security.auth.callback.TextOutputCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
 
 import javax.swing.JButton;
 import javax.swing.JDialog;
@@ -71,6 +72,8 @@ import javax.swing.JScrollPane;
 import javax.swing.JTextArea;
 import javax.swing.JTextField;
 import javax.swing.ListSelectionModel;
+import javax.swing.SwingConstants;
+import javax.swing.ScrollPaneConstants;
 
 public class SwingCallbackHandler extends AbstractCallbackHandler
 {
@@ -79,6 +82,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     super ("SWING");
   }
 
+  @Override
   protected void handleChoice (final ChoiceCallback callback)
     throws IOException
   {
@@ -87,7 +91,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     Container content = dialog.getContentPane ();
     GridBagLayout layout = new GridBagLayout ();
     content.setLayout (layout);
-    JLabel prompt = new JLabel (callback.getPrompt (), JLabel.LEFT);
+    JLabel prompt = new JLabel (callback.getPrompt (), SwingConstants.LEFT);
     content.add (prompt, new GridBagConstraints (0, 0, 1, 1, 0, 0,
                                                  GridBagConstraints.WEST,
                                                  GridBagConstraints.NONE,
@@ -96,8 +100,8 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     String[] choices = callback.getChoices ();
     final JList choicesList = new JList (choices);
     JScrollPane choicesPane = new JScrollPane (choicesList,
-                                               JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED,
-                                               JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED);
+                                               ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED,
+                                               ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED);
     final int defaultChoice = callback.getDefaultChoice ();
     choicesList.setSelectedIndex (defaultChoice);
     choicesList.setSelectionMode (callback.allowMultipleSelections ()
@@ -123,6 +127,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     cancel.addActionListener (new ActionListener ()
       {
+	@Override
         public void actionPerformed (final ActionEvent ae)
         {
           callback.setSelectedIndex (defaultChoice);
@@ -135,6 +140,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       });
     ok.addActionListener (new ActionListener ()
       {
+	@Override
         public void actionPerformed (final ActionEvent ae)
         {
           if (callback.allowMultipleSelections ())
@@ -167,8 +173,9 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handleConfirmation (final ConfirmationCallback callback)
-    throws IOException
+    throws IOException, UnsupportedCallbackException
   {
     final JDialog dialog = new JDialog ();
     switch (callback.getMessageType ())
@@ -182,6 +189,9 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       case ConfirmationCallback.INFORMATION:
         dialog.setTitle (messages.getString ("callback.information"));
         break;
+      default:
+	throw new UnsupportedCallbackException(callback,
+					       "Invalid message type.");
       }
     Container content = dialog.getContentPane ();
     content.setLayout (new GridBagLayout ());
@@ -199,6 +209,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     final String[] options = callback.getOptions ();
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           String cmd = ae.getActionCommand ();
@@ -236,14 +247,13 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     buttons.setLayout (new FlowLayout (FlowLayout.RIGHT));
     switch (callback.getOptionType ())
       {
-      case ConfirmationCallback.YES_NO_CANCEL_OPTION:
+      case ConfirmationCallback.YES_NO_CANCEL_OPTION: //$FALL-THROUGH$
         {
           JButton cancel = new JButton (messages.getString ("callback.cancel"));
           buttons.add (cancel);
           cancel.setActionCommand ("cancel");
           cancel.addActionListener (listener);
-        }
-        /* Fall-through. */
+        } //$FALL-THROUGH$
       case ConfirmationCallback.YES_NO_OPTION:
         {
           JButton yes = new JButton (messages.getString ("callback.yes"));
@@ -280,6 +290,10 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
             if (i == options.length - 1)
               dialog.getRootPane ().setDefaultButton (button);
           }
+	break;
+      default:
+	throw new UnsupportedCallbackException(callback,
+					       "Invalid option type.");
       }
     content.add (buttons,
                  new GridBagConstraints (0, GridBagConstraints.RELATIVE,
@@ -293,21 +307,19 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handleLanguage (final LanguageCallback callback)
     throws IOException
   {
     Locale locale = Locale.getDefault ();
     Locale[] locales = Locale.getAvailableLocales ();
     String[] localeNames = new String[locales.length+1];
-    int defaultIndex = 0;
     for (int i = 0; i < locales.length; i++)
       {
         localeNames[i+1] = locales[i].getDisplayLanguage (locales[i]);
         String country = locales[i].getDisplayCountry (locales[i]);
         if (country.length () > 0)
           localeNames[i+1] += " (" + country + ")";
-        if (locales[i].equals (locale))
-          defaultIndex = i;
       }
     locales[0] = locale;
     localeNames[0] = locale.getDisplayLanguage (locale);
@@ -325,6 +337,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       callback.setLocale (locale);
   }
 
+  @Override
   protected void handleName (final NameCallback callback)
     throws IOException
   {
@@ -350,6 +363,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           String cmd = ae.getActionCommand ();
@@ -385,6 +399,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handlePassword (final PasswordCallback callback)
     throws IOException
   {
@@ -408,6 +423,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           String cmd = ae.getActionCommand ();
@@ -443,6 +459,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handleTextInput (final TextInputCallback callback)
     throws IOException
   {
@@ -463,8 +480,8 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       text.setText (_text);
     text.setFont (new Font ("Monospaced", Font.PLAIN, 12));
     JScrollPane textPane = new JScrollPane (text,
-                                            JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED,
-                                            JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED);
+                                            ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED,
+                                            ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED);
     content.add (textPane,
                  new GridBagConstraints (0, 1, 1, 1, 1, 1,
                                          GridBagConstraints.CENTER,
@@ -473,6 +490,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           String cmd = ae.getActionCommand ();
@@ -508,8 +526,9 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
+  @Override
   protected void handleTextOutput (final TextOutputCallback callback)
-    throws IOException
+    throws IOException, UnsupportedCallbackException
   {
     final JDialog dialog = new JDialog ();
     switch (callback.getMessageType ())
@@ -523,6 +542,9 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
       case TextOutputCallback.INFORMATION:
         dialog.setTitle (messages.getString ("callback.information"));
         break;
+      default:
+	throw new UnsupportedCallbackException(callback,
+					       "Invalid message type.");
       }
     Container content = dialog.getContentPane ();
     content.setLayout (new GridBagLayout ());
@@ -532,8 +554,8 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     text.setText (callback.getMessage ());
     text.setFont (new Font ("Monospaced", Font.PLAIN, 12));
     JScrollPane textPane = new JScrollPane (text,
-                                            JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED,
-                                            JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED);
+                                            ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED,
+                                            ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED);
     content.add (textPane,
                  new GridBagConstraints (0, 0, 1, 1, 1, 1,
                                          GridBagConstraints.CENTER,
@@ -542,6 +564,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
 
     ActionListener listener = new ActionListener ()
       {
+	@Override
         public void actionPerformed (ActionEvent ae)
         {
           dialog.setVisible (false);
@@ -567,7 +590,7 @@ public class SwingCallbackHandler extends AbstractCallbackHandler
     waitForInput (dialog, callback);
   }
 
-  private void waitForInput (JDialog dialog, Callback callback)
+  private static void waitForInput (JDialog dialog, Callback callback)
   {
     synchronized (callback)
       {
diff --git a/gnu/javax/security/auth/login/ConfigFileParser.java b/gnu/javax/security/auth/login/ConfigFileParser.java
index e86e4a8c6..07c81ebf8 100644
--- a/gnu/javax/security/auth/login/ConfigFileParser.java
+++ b/gnu/javax/security/auth/login/ConfigFileParser.java
@@ -1,5 +1,5 @@
 /* ConfigFileParser.java -- JAAS Login Configuration default syntax parser
-   Copyright (C) 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -130,7 +130,7 @@ public final class ConfigFileParser
       }
   }
 
-  private void initParser(Reader r) throws IOException
+  private void initParser(Reader r)
   {
     map.clear();
 
@@ -304,7 +304,7 @@ public final class ConfigFileParser
    * the string is not a known System property name, then the complete sequence
    * (incl. the ${} characters are passed AS IS.
    */
-  private String expandParamValue(String s)
+  private static String expandParamValue(String s)
   {
     String result = s;
     try
diff --git a/gnu/javax/security/auth/login/GnuConfiguration.java b/gnu/javax/security/auth/login/GnuConfiguration.java
index b7c3b5a44..86961f6b8 100644
--- a/gnu/javax/security/auth/login/GnuConfiguration.java
+++ b/gnu/javax/security/auth/login/GnuConfiguration.java
@@ -1,5 +1,5 @@
 /* GnuConfiguration.java -- GNU Classpath implementation of JAAS Configuration
-   Copyright (C) 2006, 2010, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2006, 2010, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -163,6 +163,7 @@ public final class GnuConfiguration extends Configuration
   /* (non-Javadoc)
    * @see javax.security.auth.login.Configuration#getAppConfigurationEntry(java.lang.String)
    */
+  @Override
   public AppConfigurationEntry[] getAppConfigurationEntry(String appName)
   {
     if (appName == null)
@@ -193,6 +194,7 @@ public final class GnuConfiguration extends Configuration
    * <code>refreshLoginConfiguration</code>.
    * @see AuthPermission
    */
+  @Override
   public void refresh()
   {
     SecurityManager sm = System.getSecurityManager();
@@ -289,7 +291,7 @@ public final class GnuConfiguration extends Configuration
    * @throws IOException
    *           if an exception occurs during the operation.
    */
-  private InputStream getInputStreamFromURL(String s) throws IOException
+  private static InputStream getInputStreamFromURL(String s) throws IOException
   {
     InputStream result = null;
     try
@@ -385,8 +387,7 @@ public final class GnuConfiguration extends Configuration
   private void parseConfig(InputStream configStream) throws IOException
   {
     cp.parse(new InputStreamReader(configStream, "UTF-8"));
-    Map<String,List<AppConfigurationEntry>> loginModulesMap = cp.getLoginModulesMap();
-    mergeLoginModules(loginModulesMap);
+    mergeLoginModules(cp.getLoginModulesMap());
   }
 
   private void mergeLoginModules(Map<String,List<AppConfigurationEntry>> otherLoginModules)
@@ -409,7 +410,7 @@ public final class GnuConfiguration extends Configuration
       }
   }
 
-  private File getUserHome()
+  private static File getUserHome()
   {
     String uh = System.getProperty("user.home");
     if (uh == null || uh.trim().length() == 0)
@@ -441,7 +442,7 @@ public final class GnuConfiguration extends Configuration
     return result;
   }
 
-  private File getConfigFromUserHome(File userHome, String fileName)
+  private static File getConfigFromUserHome(File userHome, String fileName)
   {
     File result = new File(userHome, fileName);
     if (! result.exists())
diff --git a/java/security/AccessControlContext.java b/java/security/AccessControlContext.java
index 726a6f6e6..5e491cb01 100644
--- a/java/security/AccessControlContext.java
+++ b/java/security/AccessControlContext.java
@@ -1,5 +1,5 @@
 /* AccessControlContext.java --- Access Control Context Class
-   Copyright (C) 1999, 2004, 2014 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -172,6 +172,7 @@ public final class AccessControlContext
    *
    * @return true if equal, false otherwise
    */
+  @Override
   public boolean equals(Object obj)
   {
     if (obj instanceof AccessControlContext)
@@ -202,6 +203,7 @@ public final class AccessControlContext
    *
    * @return a hash code representing this class
    */
+  @Override
   public int hashCode()
   {
     int h = 0;
diff --git a/java/security/AlgorithmParameters.java b/java/security/AlgorithmParameters.java
index ba805143e..7cc98f385 100644
--- a/java/security/AlgorithmParameters.java
+++ b/java/security/AlgorithmParameters.java
@@ -1,5 +1,5 @@
 /* AlgorithmParameters.java --- Algorithm Parameters Implementation Class
-   Copyright (C) 1999, 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -310,6 +310,7 @@ public class AlgorithmParameters
    *
    * @return a string representation of the encoded form.
    */
+  @Override
   public final String toString()
   {
     return paramSpi.engineToString();
diff --git a/java/security/AllPermission.java b/java/security/AllPermission.java
index 0a0a5f2ce..12e7d986a 100644
--- a/java/security/AllPermission.java
+++ b/java/security/AllPermission.java
@@ -1,5 +1,6 @@
 /* AllPermission.java -- Permission to do anything
-   Copyright (C) 1998, 2001, 2002, 2004, 2005, 2014  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002, 2004, 2005, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -78,6 +79,7 @@ public final class AllPermission extends Permission
    * @param name ignored
    * @param actions ignored
    */
+  @SuppressWarnings("unused")
   public AllPermission(String name, String actions)
   {
     super("*");
@@ -90,6 +92,7 @@ public final class AllPermission extends Permission
    * @param perm ignored
    * @return true, the permission is implied
    */
+  @Override
   public boolean implies(Permission perm)
   {
     return true;
@@ -100,6 +103,7 @@ public final class AllPermission extends Permission
    *
    * @param obj the <code>Object</code> to test for equality
    */
+  @Override
   public boolean equals(Object obj)
   {
     return obj instanceof AllPermission;
@@ -110,6 +114,7 @@ public final class AllPermission extends Permission
    *
    * @return a hash value for this object
    */
+  @Override
   public int hashCode()
   {
     return 1;
@@ -121,6 +126,7 @@ public final class AllPermission extends Permission
    *
    * @return the action list
    */
+  @Override
   public String getActions()
   {
     return "";
@@ -131,6 +137,7 @@ public final class AllPermission extends Permission
    *
    * @return a permission collection
    */
+  @Override
   public PermissionCollection newPermissionCollection()
   {
     return new AllPermissionCollection();
@@ -157,6 +164,15 @@ public final class AllPermission extends Permission
     private boolean all_allowed;
 
     /**
+     * Public constructor to avoid generation of a
+     * synthetic accessor method.
+     */
+    public AllPermissionCollection()
+    {
+      super();
+    }
+
+    /**
      * Add an AllPermission.
      *
      * @param perm the permission to add
diff --git a/java/security/BasicPermission.java b/java/security/BasicPermission.java
index 3bd0bd8f3..86c58f0e0 100644
--- a/java/security/BasicPermission.java
+++ b/java/security/BasicPermission.java
@@ -1,5 +1,5 @@
 /* BasicPermission.java -- implements a simple named permission
-   Copyright (C) 1998, 1999, 2002, 2003, 2004, 2005, 2006, 2014
+   Copyright (C) 1998, 1999, 2002, 2003, 2004, 2005, 2006, 2014, 2015
    Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
@@ -39,7 +39,6 @@ exception statement from your version. */
 
 package java.security;
 
-import java.io.Serializable;
 import java.util.Enumeration;
 import java.util.Hashtable;
 
@@ -74,7 +73,6 @@ import java.util.Hashtable;
  * @status updated to 1.4
  */
 public abstract class BasicPermission extends Permission
-  implements Serializable
 {
   /**
    * Compatible with JDK 1.1+.
@@ -111,6 +109,7 @@ public abstract class BasicPermission extends Permission
    * @throws NullPointerException if name is null
    * @throws IllegalArgumentException if name is invalid
    */
+  @SuppressWarnings("unused")
   public BasicPermission(String name, String actions)
   {
     this(name);
@@ -183,6 +182,7 @@ public abstract class BasicPermission extends Permission
    *
    * @return the action list
    */
+  @Override
   public String getActions()
   {
     return "";
@@ -197,6 +197,7 @@ public abstract class BasicPermission extends Permission
    *
    * @return a new empty <code>PermissionCollection</code> object
    */
+  @Override
   public PermissionCollection newPermissionCollection()
   {
     return new BasicPermissionCollection(getClass());
diff --git a/java/security/Certificate.java b/java/security/Certificate.java
index 5cdba6e10..cb863b578 100644
--- a/java/security/Certificate.java
+++ b/java/security/Certificate.java
@@ -1,5 +1,5 @@
 /* Certificate.java -- deprecated interface for modeling digital certificates
-   Copyright (C) 1998, 2002, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002, 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -45,7 +45,7 @@ import java.io.OutputStream;
 /**
  * This interface models a digital certificate which verifies the
  * authenticity of a party.  This class simply allows certificate
- * information to be queried, it does not guarantee that the certificate
+ * information to be queried; it does not guarantee that the certificate
  * is valid.
  *
  * <p>This class is deprecated in favor of the new java.security.cert package.
@@ -56,6 +56,7 @@ import java.io.OutputStream;
  * @deprecated use {@link java.security.cert} instead
  * @status updated to 1.4
  */
+@Deprecated
 public interface Certificate
 {
   /**
diff --git a/java/security/DigestInputStream.java b/java/security/DigestInputStream.java
index c0a74f3ab..7bd440e26 100644
--- a/java/security/DigestInputStream.java
+++ b/java/security/DigestInputStream.java
@@ -1,5 +1,5 @@
 /* DigestInputStream.java --- An Input stream tied to a message digest
-   Copyright (C) 1999, 2003, 2004, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2004, 2005, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -110,6 +110,7 @@ public class DigestInputStream extends FilterInputStream
    * @throws IOException if an IO error occurs in the underlying input stream,
    * this error is thrown
    */
+  @Override
   public int read() throws IOException
   {
     int temp = in.read();
@@ -134,6 +135,7 @@ public class DigestInputStream extends FilterInputStream
    * @throws IOException if an IO error occurs in the underlying input stream,
    * this error is thrown
    */
+  @Override
   public int read(byte[]b, int off, int len) throws IOException
   {
     int temp = in.read(b, off, len);
@@ -160,6 +162,7 @@ public class DigestInputStream extends FilterInputStream
    *
    * @return A string representing the input stream and message digest.
    */
+  @Override
   public String toString()
   {
     return "[Digest Input Stream] " + digest.toString();
diff --git a/java/security/DigestOutputStream.java b/java/security/DigestOutputStream.java
index 748f83d79..2b745adc5 100644
--- a/java/security/DigestOutputStream.java
+++ b/java/security/DigestOutputStream.java
@@ -1,5 +1,5 @@
 /* DigestOutputStream.java --- An output stream tied to a message digest
-   Copyright (C) 1999, 2004, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2005, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -108,6 +108,7 @@ public class DigestOutputStream extends FilterOutputStream
    * @exception IOException if the underlying output stream
    * cannot write the byte, this is thrown.
    */
+  @Override
   public void write(int b) throws IOException
   {
     if (state)
@@ -127,6 +128,7 @@ public class DigestOutputStream extends FilterOutputStream
    * @exception IOException if the underlying output stream
    * cannot write the bytes, this is thrown.
    */
+  @Override
   public void write(byte[]b, int off, int len) throws IOException
   {
     if (state)
@@ -151,6 +153,7 @@ public class DigestOutputStream extends FilterOutputStream
    *
    * @return A string representing the output stream and message digest.
    */
+  @Override
   public String toString()
   {
     return "[Digest Output Stream] " + digest.toString();
diff --git a/java/security/DummyKeyPairGenerator.java b/java/security/DummyKeyPairGenerator.java
index da8c362eb..63c89ebd9 100644
--- a/java/security/DummyKeyPairGenerator.java
+++ b/java/security/DummyKeyPairGenerator.java
@@ -1,5 +1,5 @@
 /* DummyKeyPairGenerator.java - Wrapper for KeyPairGeneratorSpi
-   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -49,6 +49,7 @@ final class DummyKeyPairGenerator extends KeyPairGenerator
     this.kpgSpi = kpgSpi;
   }
 
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     KeyPairGenerator result = new DummyKeyPairGenerator
@@ -57,17 +58,20 @@ final class DummyKeyPairGenerator extends KeyPairGenerator
     return result;
   }
 
+  @Override
   public void initialize(int keysize, SecureRandom random)
   {
     kpgSpi.initialize(keysize, random);
   }
 
+  @Override
   public void initialize(AlgorithmParameterSpec params, SecureRandom random)
     throws InvalidAlgorithmParameterException
   {
     kpgSpi.initialize(params, random);
   }
 
+  @Override
   public KeyPair generateKeyPair()
   {
     return kpgSpi.generateKeyPair();
diff --git a/java/security/DummyMessageDigest.java b/java/security/DummyMessageDigest.java
index 6cecdcf68..7b78f828a 100644
--- a/java/security/DummyMessageDigest.java
+++ b/java/security/DummyMessageDigest.java
@@ -1,5 +1,5 @@
 /* DummyMessageDigest.java - Wrapper for MessageDigestSpi
-   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -47,6 +47,7 @@ final class DummyMessageDigest extends MessageDigest
     this.mdSpi = mdSpi;
   }
 
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     MessageDigest result = new DummyMessageDigest
@@ -57,32 +58,38 @@ final class DummyMessageDigest extends MessageDigest
 
   // java.security.MessageDigestSpi abstract methods implementation ---------
 
+  @Override
   public byte[] engineDigest()
   {
     return mdSpi.engineDigest();
   }
 
+  @Override
   public int engineDigest(byte[] buf, int offset, int len)
     throws DigestException
   {
     return mdSpi.engineDigest(buf, offset, len);
   }
 
+  @Override
   public int engineGetDigestLength()
   {
     return mdSpi.engineGetDigestLength();
   }
 
+  @Override
   public void engineReset()
   {
     mdSpi.engineReset();
   }
 
+  @Override
   public void engineUpdate(byte input)
   {
     mdSpi.engineUpdate(input);
   }
 
+  @Override
   public void engineUpdate(byte[] input, int offset, int len)
   {
     mdSpi.engineUpdate(input, offset, len);
diff --git a/java/security/Identity.java b/java/security/Identity.java
index d3f48e887..9086bb7ab 100644
--- a/java/security/Identity.java
+++ b/java/security/Identity.java
@@ -1,5 +1,5 @@
 /* Identity.java --- Identity Class
-   Copyright (C) 1999, 2003, 2014, Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2014, 2015, Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -49,7 +49,7 @@ import java.util.Vector;
  * identity. The names cannot be changed and the identities can be scoped. Each
  * identity (name and public key) within a scope are unique to that scope.</p>
  *
- * <p>Each identity has a set of ceritificates which all specify the same
+ * <p>Each identity has a set of certificates which all specify the same
  * public key, but not necessarily the same name.</p>
  *
  * <p>The <code>Identity</code> class can be subclassed to allow additional
@@ -63,6 +63,7 @@ import java.util.Vector;
  * <code>java.security.cert</code> package, and
  * <code>java.security.Principal</code>.
  */
+@Deprecated
 public abstract class Identity implements Principal, Serializable
 {
   private static final long serialVersionUID = 3609922007826600659L;
@@ -110,6 +111,7 @@ public abstract class Identity implements Principal, Serializable
   }
 
   /** @return the name of this identity. */
+  @Override
   public final String getName()
   {
     return name;
@@ -252,6 +254,7 @@ public abstract class Identity implements Principal, Serializable
    * @return <code>true</code> if they are equal, <code>false</code>
    *         otherwise.
    */
+  @Override
   public final boolean equals(Object identity)
   {
     if (identity instanceof Identity)
@@ -290,6 +293,7 @@ public abstract class Identity implements Principal, Serializable
    *           if a {@link SecurityManager} is installed which disallows this
    *           operation.
    */
+  @Override
   public String toString()
   {
     SecurityManager sm = System.getSecurityManager();
@@ -321,14 +325,12 @@ public abstract class Identity implements Principal, Serializable
         /* TODO: Insert proper detailed format here */
         return (name + ":@" + scope + " Public Key: " + publicKey);
       }
-    else
-      {
-        /* TODO: Insert proper format here */
-        return (name + ":@" + scope + " Public Key: " + publicKey);
-      }
+    /* TODO: Insert proper format here */
+    return (name + ":@" + scope + " Public Key: " + publicKey);
   }
 
   /** @return a hashcode of this identity. */
+  @Override
   public int hashCode()
   {
     int ret = name.hashCode();
diff --git a/java/security/IdentityScope.java b/java/security/IdentityScope.java
index 4391fbd49..4cdccdd55 100644
--- a/java/security/IdentityScope.java
+++ b/java/security/IdentityScope.java
@@ -1,5 +1,5 @@
 /* IdentityScope.java --- IdentityScope Class
-   Copyright (C) 1999, 2003, Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2015, Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -59,6 +59,7 @@ import java.util.Enumeration;
  * @deprecated Use java.security.KeyStore, the java.security.cert package, and
  *             java.security.Principal.
  */
+@Deprecated
 public abstract class IdentityScope extends Identity
 {
   private static final long serialVersionUID = -2337346281189773310L;
@@ -209,6 +210,7 @@ public abstract class IdentityScope extends Identity
    *
    * @return a string representation of this instance.
    */
+  @Override
   public String toString()
   {
     return (super.getName() + " " + super.getScope().getName() + " " + size());
diff --git a/java/security/IntersectingDomainCombiner.java b/java/security/IntersectingDomainCombiner.java
index 9a40ce75e..f93812533 100644
--- a/java/security/IntersectingDomainCombiner.java
+++ b/java/security/IntersectingDomainCombiner.java
@@ -1,5 +1,5 @@
 /* IntersectingDomainCombiner.java --
-   Copyright (C) 2004, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -62,6 +62,7 @@ final class IntersectingDomainCombiner implements DomainCombiner
   // Methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public ProtectionDomain[] combine (ProtectionDomain[] currentDomains,
                                      ProtectionDomain[] assignedDomains)
   {
diff --git a/java/security/KeyPairGenerator.java b/java/security/KeyPairGenerator.java
index 457c5a531..190a0a517 100644
--- a/java/security/KeyPairGenerator.java
+++ b/java/security/KeyPairGenerator.java
@@ -315,6 +315,7 @@ public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
    * @return a new unique {@link KeyPair}.
    * @see #genKeyPair()
    */
+  @Override
   public KeyPair generateKeyPair()
   {
     try
diff --git a/java/security/KeyPairGeneratorSpi.java b/java/security/KeyPairGeneratorSpi.java
index 1eaad9832..659f9d760 100644
--- a/java/security/KeyPairGeneratorSpi.java
+++ b/java/security/KeyPairGeneratorSpi.java
@@ -1,5 +1,5 @@
 /* KeyPairGeneratorSpi.java --- Key Pair Generator SPI Class
-   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -76,6 +76,7 @@ public abstract class KeyPairGeneratorSpi
 
      @throws InvalidAlgorithmParameterException
    */
+  @SuppressWarnings({"unused","static-method"})
   public void initialize(AlgorithmParameterSpec params, SecureRandom random)
     throws InvalidAlgorithmParameterException
   {
@@ -95,6 +96,7 @@ public abstract class KeyPairGeneratorSpi
    * We override clone here to make it accessible for use by
    * DummyKeyPairGenerator.
    */
+  @Override
   protected Object clone() throws CloneNotSupportedException
   {
     return super.clone();
diff --git a/java/security/KeyStore.java b/java/security/KeyStore.java
index 25173e543..baf9a3c94 100644
--- a/java/security/KeyStore.java
+++ b/java/security/KeyStore.java
@@ -1,5 +1,5 @@
 /* KeyStore.java --- Key Store Class
-   Copyright (C) 1999, 2002, 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2003, 2004, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -171,7 +171,7 @@ public class KeyStore
    *
    * @param type the type of keystore to create.
    * @param provider the provider to use.
-   * @return a <code>KeyStore</code> repesenting the desired type.
+   * @return a <code>KeyStore</code> representing the desired type.
    * @throws KeyStoreException if the designated type is not implemented by the
    *           given provider.
    * @throws IllegalArgumentException if either <code>type</code> or
@@ -215,6 +215,7 @@ public class KeyStore
     // Security reads every property in java.security so it
     // will return this property if it exists.
     String tmp = AccessController.doPrivileged(new PrivilegedAction<String> () {
+	@Override
         public String run()
         {
           return Security.getProperty("keystore.type");
diff --git a/java/security/MessageDigest.java b/java/security/MessageDigest.java
index a4eeab447..d4e844993 100644
--- a/java/security/MessageDigest.java
+++ b/java/security/MessageDigest.java
@@ -1,5 +1,5 @@
 /* MessageDigest.java --- The message digest interface.
-   Copyright (C) 1999, 2002, 2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2003, 2006, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -288,6 +288,7 @@ public abstract class MessageDigest extends MessageDigestSpi
    *
    * @return a string representation of this instance.
    */
+  @Override
   public String toString()
   {
     return (getClass()).getName() + " Message Digest <" + digestToString() + ">";
@@ -353,6 +354,7 @@ public abstract class MessageDigest extends MessageDigestSpi
    * @throws CloneNotSupportedException
    *           the implementation does not support cloning.
    */
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     return super.clone();
diff --git a/java/security/MessageDigestSpi.java b/java/security/MessageDigestSpi.java
index 63cc96047..5c16b66fd 100644
--- a/java/security/MessageDigestSpi.java
+++ b/java/security/MessageDigestSpi.java
@@ -1,5 +1,5 @@
 /* MessageDigestSpi.java --- The message digest service provider interface.
-   Copyright (C) 1999, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2005, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -76,6 +76,7 @@ public abstract class MessageDigestSpi
 
      @since 1.2
    */
+  @SuppressWarnings("static-method")
   protected int engineGetDigestLength()
   {
     return 0;
@@ -167,6 +168,7 @@ public abstract class MessageDigestSpi
      implementation has to overload this class in order to be
      cloneable.
    */
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     return super.clone();
diff --git a/java/security/Permission.java b/java/security/Permission.java
index cf6399b16..f39466f17 100644
--- a/java/security/Permission.java
+++ b/java/security/Permission.java
@@ -1,5 +1,6 @@
 /* Permission.java -- The superclass for all permission objects
-   Copyright (C) 1998, 2001, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002, 2005, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -105,6 +106,7 @@ public abstract class Permission implements Guard, Serializable
    * @see GuardedObject
    * @see SecurityManager#checkPermission(Permission)
    */
+  @Override
   public void checkGuard(Object obj)
   {
     SecurityManager sm = System.getSecurityManager();
@@ -127,6 +129,7 @@ public abstract class Permission implements Guard, Serializable
    *
    * @param obj the object to compare to
    */
+  @Override
   public abstract boolean equals(Object obj);
 
   /**
@@ -136,6 +139,7 @@ public abstract class Permission implements Guard, Serializable
    *
    * @return a hash value
    */
+  @Override
   public abstract int hashCode();
 
   /**
@@ -168,6 +172,7 @@ public abstract class Permission implements Guard, Serializable
    *
    * @return a new <code>PermissionCollection</code>
    */
+  @SuppressWarnings("static-method")
   public PermissionCollection newPermissionCollection()
   {
     return null;
@@ -181,6 +186,7 @@ public abstract class Permission implements Guard, Serializable
    *
    * @return this object as a <code>String</code>
    */
+  @Override
   public String toString()
   {
     CPStringBuilder string = new CPStringBuilder();
diff --git a/java/security/PermissionCollection.java b/java/security/PermissionCollection.java
index ef87cc7e1..64a5bd038 100644
--- a/java/security/PermissionCollection.java
+++ b/java/security/PermissionCollection.java
@@ -1,5 +1,5 @@
 /* PermissionCollection.java -- A collection of permission objects
-   Copyright (C) 1998, 2001, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002, 2005, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -156,6 +156,7 @@ public abstract class PermissionCollection implements Serializable
    *
    * @return a <code>String</code> representing this object
    */
+  @Override
   public String toString()
   {
     CPStringBuilder sb = new CPStringBuilder(super.toString());
diff --git a/java/security/Permissions.java b/java/security/Permissions.java
index 40087ba02..669d9140f 100644
--- a/java/security/Permissions.java
+++ b/java/security/Permissions.java
@@ -1,5 +1,6 @@
 /* Permissions.java -- a collection of permission collections
-   Copyright (C) 1998, 2001, 2002, 2004, 2005, 2014 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002, 2004, 2005, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,7 +39,6 @@ exception statement from your version. */
 
 package java.security;
 
-import java.io.Serializable;
 import java.util.Enumeration;
 import java.util.Hashtable;
 import java.util.NoSuchElementException;
@@ -58,7 +58,6 @@ import java.util.NoSuchElementException;
  * @since 1.1
  */
 public final class Permissions extends PermissionCollection
-  implements Serializable
 {
   /**
    * Compatible with JDK 1.1+.
@@ -159,6 +158,7 @@ public final class Permissions extends PermissionCollection
       Enumeration<PermissionCollection> mainEnum = perms.elements();
       Enumeration<Permission> subEnum;
 
+      @Override
       public boolean hasMoreElements()
       {
         if (subEnum == null)
@@ -181,6 +181,7 @@ public final class Permissions extends PermissionCollection
         return true;
       }
 
+      @Override
       public Permission nextElement()
       {
         if (! hasMoreElements())
@@ -208,8 +209,12 @@ public final class Permissions extends PermissionCollection
      *
      * @serial the stored permissions, both as key and value
      */
-    private final Hashtable<Permission,Permission> perms =
-      new Hashtable<Permission,Permission>();
+    private final Hashtable<Permission,Permission> perms;
+
+    public PermissionsHash()
+    {
+      perms = new Hashtable<Permission,Permission>();
+    }
 
     /**
      * Add a permission. We don't need to check for read-only, as this
@@ -219,7 +224,7 @@ public final class Permissions extends PermissionCollection
      * @param perm the permission to add
      */
     @Override
-    public void add(Permission perm)
+    public synchronized void add(Permission perm)
     {
       perms.put(perm, perm);
     }
@@ -230,9 +235,9 @@ public final class Permissions extends PermissionCollection
      * @param perm the permission to check
      * @return true if it is implied
      */
-    // FIXME: Should this method be synchronized?
+    // Synchronized to avoid elements being added mid-iteration
     @Override
-    public boolean implies(Permission perm)
+    public synchronized boolean implies(Permission perm)
     {
       Enumeration<Permission> elements = elements();
 
diff --git a/java/security/Policy.java b/java/security/Policy.java
index 930315bfd..9f3459c9a 100644
--- a/java/security/Policy.java
+++ b/java/security/Policy.java
@@ -274,7 +274,7 @@ public abstract class Policy
     if (pd2pc == null)
       setup(this);
 
-    PermissionCollection pc = (PermissionCollection) pd2pc.get(domain);
+    PermissionCollection pc = pd2pc.get(domain);
     if (pc != null)
       return pc.implies(permission);
 
diff --git a/java/security/Principal.java b/java/security/Principal.java
index 6d9de6ccd..a3cd851cc 100644
--- a/java/security/Principal.java
+++ b/java/security/Principal.java
@@ -1,5 +1,5 @@
 /* Principal.java -- A security entity
-   Copyright (C) 1998, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002, 2005, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -56,6 +56,7 @@ public interface Principal
    * @param obj the Object to test for equality
    * @return true if the specified <code>Principal</code> is equal
    */
+  @Override
   boolean equals(Object obj);
 
   /**
@@ -64,6 +65,7 @@ public interface Principal
    *
    * @return this <code>Principal</code> represented as a <code>String</code>
    */
+  @Override
   String toString();
 
   /**
@@ -73,6 +75,7 @@ public interface Principal
    *
    * @return a hash value
    */
+  @Override
   int hashCode();
 
   /**
diff --git a/java/security/PrivilegedActionException.java b/java/security/PrivilegedActionException.java
index 3f08c8130..bedd773dd 100644
--- a/java/security/PrivilegedActionException.java
+++ b/java/security/PrivilegedActionException.java
@@ -1,5 +1,5 @@
 /* PrivilegedActionException.java -- wrap an exception in a privileged action
-   Copyright (C) 1998, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002, 2005, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -92,18 +92,10 @@ public class PrivilegedActionException extends Exception
    * @return the cause
    * @since 1.4
    */
+  @Override
   public Throwable getCause()
   {
     return exception;
   }
 
-  /**
-   * Convert this to a String.
-   *
-   * @return the string representation
-   */
-  public String toString()
-  {
-    return super.toString();
-  }
 }
diff --git a/java/security/ProtectionDomain.java b/java/security/ProtectionDomain.java
index 7be5875dc..cbf66f356 100644
--- a/java/security/ProtectionDomain.java
+++ b/java/security/ProtectionDomain.java
@@ -1,5 +1,5 @@
 /* ProtectionDomain.java -- A security domain
-   Copyright (C) 1998, 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1998, 2003, 2004, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -144,7 +144,7 @@ public class ProtectionDomain
 
     this.classloader = classloader;
     this.principals =
-        (principals != null ? (Principal[]) principals.clone() : new Principal[0]);
+        (principals != null ? principals.clone() : new Principal[0]);
     this.staticBinding = staticBinding;
   }
 
@@ -178,7 +178,7 @@ public class ProtectionDomain
    */
   public final Principal[] getPrincipals()
   {
-    return (Principal[]) principals.clone();
+    return principals.clone();
   }
 
   /**
@@ -217,6 +217,7 @@ public class ProtectionDomain
    *
    * @return A string representation of this object.
    */
+  @Override
   public String toString()
   {
     String linesep = SystemProperties.getProperty("line.separator");
diff --git a/java/security/Provider.java b/java/security/Provider.java
index b1d6d9ce2..c6e0deace 100644
--- a/java/security/Provider.java
+++ b/java/security/Provider.java
@@ -1,5 +1,6 @@
 /* Provider.java -- Security provider information
-   Copyright (C) 1998, 1999, 2000, 2002, 2006 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2000, 2002, 2006, 2014, 2015
+   Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,7 +38,6 @@ exception statement from your version. */
 
 package java.security;
 
-import java.io.Serializable;
 import java.util.Properties;
 
 /**
@@ -53,7 +53,6 @@ import java.util.Properties;
  */
 public abstract class Provider
     extends Properties
-    implements Serializable
 {
   private static final long serialVersionUID = -4298000515446427739L;
 
@@ -138,6 +137,8 @@ public abstract class Provider
    * @see java.lang.Object#equals(Object)
    * @see java.util.Hashtable#get(Object)
    */
+  @Override
+  @SuppressWarnings("sync-override") // Calls super-class
   public Object put(Object key, Object value)
   {
     SecurityManager sm = System.getSecurityManager();
@@ -147,6 +148,8 @@ public abstract class Provider
   }
 
   // overrides same in java.util.Hashtable
+  @Override
+  @SuppressWarnings("sync-override") // Calls super-class
   public Object get(Object key)
   {
     return super.get(toCanonicalKey(key));
@@ -167,6 +170,8 @@ public abstract class Provider
    * @return The previous value for this key, or <code>null</code> if no
    * previous value.
    */
+  @Override
+  @SuppressWarnings("sync-override") // Calls super-class
   public Object remove(Object key)
   {
     SecurityManager sm = System.getSecurityManager();
@@ -188,6 +193,8 @@ public abstract class Provider
    * {@link SecurityManager#checkPermission(Permission)} for a
    * <code>SecurityPermission("clearProviderProperties." + name)</code>.
    */
+  @Override
+  @SuppressWarnings("sync-override") // Calls super-class
   public void clear()
   {
     SecurityManager sm = System.getSecurityManager();
@@ -203,13 +210,15 @@ public abstract class Provider
    *
    * @return A <code>String</code> representation of this object.
    */
+  @Override
+  @SuppressWarnings("sync-override") // Doesn't access collection
   public String toString()
   {
     return (getClass().getName() + ": name=" + getName() + " version=" +
             version);
   }
 
-  private Object toCanonicalKey(Object key)
+  private static Object toCanonicalKey(Object key)
   {
     if (key.getClass().isAssignableFrom(String.class)) // is it ours?
       return ((String) key).toUpperCase(); // use default locale
diff --git a/java/security/SecureClassLoader.java b/java/security/SecureClassLoader.java
index 1480b7116..c52f99472 100644
--- a/java/security/SecureClassLoader.java
+++ b/java/security/SecureClassLoader.java
@@ -1,5 +1,5 @@
 /* SecureClassLoader.java --- A Secure Class Loader
-   Copyright (C) 1999, 2004, 2006  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2006, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -140,9 +140,9 @@ public class SecureClassLoader extends ClassLoader
    * argument to build a proper ProtectionDomain for the class
    * being defined.
    */
+  @SuppressWarnings("static-method")
   protected PermissionCollection getPermissions(CodeSource cs)
   {
-    Policy policy = Policy.getCurrentPolicy();
-    return policy.getPermissions(cs);
+    return Policy.getCurrentPolicy().getPermissions(cs);
   }
 }
diff --git a/java/security/SecureRandom.java b/java/security/SecureRandom.java
index 649966fee..d17a886d2 100644
--- a/java/security/SecureRandom.java
+++ b/java/security/SecureRandom.java
@@ -1,5 +1,5 @@
 /* SecureRandom.java --- Secure Random class implementation
-   Copyright (C) 1999, 2001, 2002, 2003, 2005, 2006, 2014
+   Copyright (C) 1999, 2001, 2002, 2003, 2005, 2006, 2014, 2015
    Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
@@ -310,7 +310,7 @@ public class SecureRandom extends Random
 
      @param seed seed bytes to seed with
    */
-  public void setSeed(byte[] seed)
+  public synchronized void setSeed(byte[] seed)
   {
     secureRandomSpi.engineSetSeed(seed);
     isSeeded = true;
@@ -322,7 +322,8 @@ public class SecureRandom extends Random
 
      @param seed 8 seed bytes to seed with
    */
-  public void setSeed(long seed)
+  @Override
+  public synchronized void setSeed(long seed)
   {
     // This particular setSeed will be called by Random.Random(), via
     // our own constructor, before secureRandomSpi is initialized.  In
@@ -351,7 +352,8 @@ public class SecureRandom extends Random
 
      @param bytes array to store generated bytes in
    */
-  public void nextBytes(byte[] bytes)
+  @Override
+  public synchronized void nextBytes(byte[] bytes)
   {
     if (!isSeeded)
       setSeed(getSeed(32));
@@ -369,6 +371,8 @@ public class SecureRandom extends Random
 
      @return the random bits
    */
+  @Override
+  @SuppressWarnings("sync-override") // nextBytes(byte[]) is synchronized
   protected final int next(int numBits)
   {
     if (numBits == 0)
@@ -404,7 +408,7 @@ public class SecureRandom extends Random
 
      @return an array containing the seed bytes
    */
-  public byte[] generateSeed(int numBytes)
+  public synchronized byte[] generateSeed(int numBytes)
   {
     return secureRandomSpi.engineGenerateSeed(numBytes);
   }
diff --git a/java/security/Security.java b/java/security/Security.java
index 6b20a7cb6..66f3ab255 100644
--- a/java/security/Security.java
+++ b/java/security/Security.java
@@ -183,6 +183,7 @@ public final class Security
    *             {@link AlgorithmParameters} and {@link KeyFactory} engine
    *             classes instead.
    */
+  @Deprecated
   public static String getAlgorithmProperty(String algName, String propName)
   {
     if (algName == null || propName == null)
@@ -322,12 +323,10 @@ public final class Security
   {
     if (name == null)
       return null;
-    else
-      {
-        name = name.trim();
-        if (name.length() == 0)
-          return null;
-      }
+    name = name.trim();
+    if (name.length() == 0)
+      return null;
+
     Provider p;
     int max = providers.size ();
     for (int i = 0; i < max; i++)
@@ -414,10 +413,10 @@ public final class Security
       return result;
 
     serviceName = serviceName.toUpperCase()+".";
-    Provider[] providers = getProviders();
+    Provider[] provs = getProviders();
     int ndx;
-    for (int i = 0; i < providers.length; i++)
-      for (String s : providers[i].stringPropertyNames())
+    for (int i = 0; i < provs.length; i++)
+      for (String s : provs[i].stringPropertyNames())
         {
           String service = s.trim();
           if (service.toUpperCase().startsWith(serviceName))
@@ -634,7 +633,7 @@ public final class Security
   private static boolean provides(Provider p, String svc, String algo,
                                   String attr, String val)
   {
-    String serviceDotAlgorithm = null;
+    String serviceDotAlgorithm = "";
     String realVal;
     boolean found = false;
     // if <svc>.<algo> <attr> is in the set then so is <svc>.<algo>
diff --git a/java/security/SecurityPermission.java b/java/security/SecurityPermission.java
index 6aba18f34..cdfd0be66 100644
--- a/java/security/SecurityPermission.java
+++ b/java/security/SecurityPermission.java
@@ -1,5 +1,5 @@
 /* SecurityPermission.java -- Class for named security permissions
-   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -171,6 +171,7 @@ public final class SecurityPermission extends BasicPermission
    * @param name the name to assign to this permission
    * @param actions ignored
    */
+  @SuppressWarnings("unused")
   public SecurityPermission(String name, String actions)
   {
     super(name);
diff --git a/java/security/Signature.java b/java/security/Signature.java
index d7186395f..29ce53512 100644
--- a/java/security/Signature.java
+++ b/java/security/Signature.java
@@ -1,5 +1,5 @@
 /* Signature.java --- Signature Class
-   Copyright (C) 1999, 2002, 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002, 2003, 2004, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -332,8 +332,7 @@ public abstract class Signature extends SignatureSpi
   {
     if (state == SIGN)
       return engineSign();
-    else
-      throw new SignatureException();
+    throw new SignatureException();
   }
 
   /**
@@ -365,8 +364,7 @@ public abstract class Signature extends SignatureSpi
   {
     if (state == SIGN)
       return engineSign(outbuf, offset, len);
-    else
-      throw new SignatureException();
+    throw new SignatureException();
   }
 
   /**
@@ -383,8 +381,7 @@ public abstract class Signature extends SignatureSpi
   {
     if (state == VERIFY)
       return engineVerify(signature);
-    else
-      throw new SignatureException();
+    throw new SignatureException();
   }
 
   /**
@@ -510,6 +507,7 @@ public abstract class Signature extends SignatureSpi
    *
    * @return a rstring representation of this instance.
    */
+  @Override
   public String toString()
   {
     return (algorithm + " Signature");
@@ -527,6 +525,7 @@ public abstract class Signature extends SignatureSpi
    *           can not be changed, a security exception occured, etc.
    * @deprecated use the other setParameter
    */
+  @Deprecated
   public final void setParameter(String param, Object value)
     throws InvalidParameterException
   {
@@ -573,6 +572,7 @@ public abstract class Signature extends SignatureSpi
    *           if the parameter is invalid.
    * @deprecated use the other getParameter
    */
+  @Deprecated
   public final Object getParameter(String param)
     throws InvalidParameterException
   {
@@ -586,6 +586,7 @@ public abstract class Signature extends SignatureSpi
    * @throws CloneNotSupportedException
    *           if the implementation does not support cloning.
    */
+  @Override
   public Object clone() throws CloneNotSupportedException
   {
     return super.clone();
diff --git a/java/security/SignatureSpi.java b/java/security/SignatureSpi.java
index 11ce551a0..491a183ed 100644
--- a/java/security/SignatureSpi.java
+++ b/java/security/SignatureSpi.java
@@ -250,6 +250,7 @@ public abstract class SignatureSpi
    *           cannot be changed, a security exception occured, etc.
    * @deprecated use the other setParameter.
    */
+  @Deprecated
   protected abstract void engineSetParameter(String param, Object value)
     throws InvalidParameterException;
 
@@ -266,6 +267,7 @@ public abstract class SignatureSpi
    *           if the parameter is invalid, the parameter is already set and
    *           cannot be changed, a security exception occured, etc.
    */
+  @SuppressWarnings({"unused","static-method"})
   protected void engineSetParameter(AlgorithmParameterSpec params)
     throws InvalidAlgorithmParameterException
   {
@@ -284,6 +286,7 @@ public abstract class SignatureSpi
    * @throws UnsupportedOperationException
    *           always.
    */
+  @SuppressWarnings("static-method")
   protected AlgorithmParameters engineGetParameters()
   {
     throw new UnsupportedOperationException();
@@ -299,6 +302,7 @@ public abstract class SignatureSpi
    *           if the parameter is invalid.
    * @deprecated use the other getParameter
    */
+  @Deprecated
   protected abstract Object engineGetParameter(String param)
     throws InvalidParameterException;
 
diff --git a/java/security/SignedObject.java b/java/security/SignedObject.java
index 79f551cce..2f09cb05b 100644
--- a/java/security/SignedObject.java
+++ b/java/security/SignedObject.java
@@ -1,5 +1,5 @@
 /* SignedObject.java --- Signed Object Class
-   Copyright (C) 1999, 2003, Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -155,7 +155,7 @@ public final class SignedObject implements Serializable
    */
   public byte[] getSignature()
   {
-    return (byte[]) signature.clone();
+    return signature.clone();
 
   }
 
@@ -197,7 +197,7 @@ public final class SignedObject implements Serializable
     throws IOException, ClassNotFoundException
   {
     s.defaultReadObject();
-    content = (byte[]) content.clone();
-    signature = (byte[]) signature.clone();
+    content = content.clone();
+    signature = signature.clone();
   }
 }
diff --git a/java/security/Signer.java b/java/security/Signer.java
index 18259c863..faf73f771 100644
--- a/java/security/Signer.java
+++ b/java/security/Signer.java
@@ -1,5 +1,5 @@
 /* Signer.java --- Signer Class
-   Copyright (C) 1999, 2003, Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -45,6 +45,7 @@ package java.security;
  * @deprecated Replaced by <code>java.security.KeyStore</code>, the
  * <code>java.security.cert</code> package, and <code>java.security.Principal</code>.
  */
+@Deprecated
 public abstract class Signer extends Identity
 {
   private static final long serialVersionUID = -1763464102261361480L;
@@ -141,6 +142,7 @@ public abstract class Signer extends Identity
   }
 
   /** @returns a string representing this <code>Signer</code>. */
+  @Override
   public String toString()
   {
     return (getName() + ": " + privateKey);
diff --git a/java/security/UnresolvedPermission.java b/java/security/UnresolvedPermission.java
index d7af92211..73ffc0b58 100644
--- a/java/security/UnresolvedPermission.java
+++ b/java/security/UnresolvedPermission.java
@@ -246,7 +246,7 @@ public final class UnresolvedPermission extends Permission
   {
     if (certs == null)
       return null;
-    return (Certificate[]) certs.clone();
+    return certs.clone();
   }
 } // class UnresolvedPermission
 
@@ -322,6 +322,7 @@ class UnresolvedPermissionCollection extends PermissionCollection
       Enumeration<Vector<Permission>> mainEnum = permissions.elements();
       Enumeration<Permission> subEnum;
 
+      @Override
       public boolean hasMoreElements()
       {
         if (subEnum == null)
@@ -344,6 +345,7 @@ class UnresolvedPermissionCollection extends PermissionCollection
         return true;
       }
 
+      @Override
       public Permission nextElement()
       {
         if (! hasMoreElements())
diff --git a/java/security/acl/Acl.java b/java/security/acl/Acl.java
index 10a59fdf5..dd1b60193 100644
--- a/java/security/acl/Acl.java
+++ b/java/security/acl/Acl.java
@@ -1,5 +1,5 @@
 /* Acl.java -- An access control list
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -149,5 +149,6 @@ public interface Acl extends Owner
    *
    * @return A <code>String</code> representation of this ACL
    */
+  @Override
   String toString();
 }
diff --git a/java/security/acl/AclEntry.java b/java/security/acl/AclEntry.java
index 47154b285..a0982da92 100644
--- a/java/security/acl/AclEntry.java
+++ b/java/security/acl/AclEntry.java
@@ -1,5 +1,5 @@
 /* AclEntry.java -- An entry in an ACL list.
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -72,7 +72,8 @@ public interface AclEntry extends Cloneable
    *
    * @param user The <code>Principal</code> for this ACL entry
    *
-   * @return <code>true</code> if the <code>Principal</code> was successfully set or <code>false</code> if this entry already has a <code>Principal</code>.
+   * @return <code>true</code> if the <code>Principal</code> was successfully
+   *         set or <code>false</code> if this entry already has a <code>Principal</code>.
    */
   boolean setPrincipal(Principal user);
 
@@ -96,7 +97,8 @@ public interface AclEntry extends Cloneable
    *
    * @param permission The <code>Permission</code> to add
    *
-   * @return <code>true</code> if the permission was added or <code>false</code> if it was already set for this entry
+   * @return <code>true</code> if the permission was added or
+   *         <code>false</code> if it was already set for this entry
    */
   boolean addPermission(Permission permission);
 
@@ -105,7 +107,9 @@ public interface AclEntry extends Cloneable
    *
    * @param perm The <code>Permission</code> to delete from this ACL entry.
    *
-   * @return <code>true</code> if the permission was successfully deleted or <code>false</code> if the permission was not part of this ACL to begin with
+   * @return <code>true</code> if the permission was successfully deleted
+   *         or <code>false</code> if the permission was not part of this
+   *         ACL to begin with
    */
   boolean removePermission(Permission perm);
 
@@ -115,7 +119,8 @@ public interface AclEntry extends Cloneable
    *
    * @param permission The <code>Permission</code> to test
    *
-   * @return <code>true</code> if this permission is associated with this entry or <code>false</code> otherwise
+   * @return <code>true</code> if this permission is associated
+   *         with this entry or <code>false</code> otherwise
    */
   boolean checkPermission(Permission permission);
 
@@ -132,6 +137,7 @@ public interface AclEntry extends Cloneable
    *
    * @return A <code>String</code> representation of this object
    */
+  @Override
   String toString();
 
   /**
diff --git a/java/security/acl/Permission.java b/java/security/acl/Permission.java
index e5ba29138..663be09bd 100644
--- a/java/security/acl/Permission.java
+++ b/java/security/acl/Permission.java
@@ -1,5 +1,5 @@
 /* Permission.java -- Information about an ACL permission
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -56,6 +56,7 @@ public interface Permission
    *
    * @return <code>true</code> if the specified permission is the same as this one, <code>false</code> otherwise
    */
+  @Override
   boolean equals (Object perm);
 
   /**
@@ -63,5 +64,6 @@ public interface Permission
    *
    * @return A <code>String</code> representing this permission.
    */
+  @Override
   String toString();
 }
diff --git a/java/security/cert/CRL.java b/java/security/cert/CRL.java
index 1eaa70fa9..618aa4566 100644
--- a/java/security/cert/CRL.java
+++ b/java/security/cert/CRL.java
@@ -1,5 +1,5 @@
 /* CRL.java --- Certificate Revocation List
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -81,6 +81,7 @@ public abstract class CRL
 
      @return a string representing the CRL.
   */
+  @Override
   public abstract String toString();
 
   /**
diff --git a/java/security/cert/CertPath.java b/java/security/cert/CertPath.java
index 5c9a12ab9..221c267d6 100644
--- a/java/security/cert/CertPath.java
+++ b/java/security/cert/CertPath.java
@@ -1,5 +1,5 @@
 /* CertPath.java -- a sequence of certificates
-   Copyright (C) 2002, 2005, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2002, 2005, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -173,6 +173,7 @@ public abstract class CertPath implements Serializable
    * @param o the object to compare to
    * @return true if the two are equal
    */
+  @Override
   public boolean equals(Object o)
   {
     if (! (o instanceof CertPath))
@@ -188,11 +189,13 @@ public abstract class CertPath implements Serializable
    *
    * @return the hashcode
    */
+  @Override
   public int hashCode()
   {
     return 31 * type.hashCode() + getCertificates().hashCode();
   }
 
+  @Override
   public String toString()
   {
     List<? extends Certificate> l = getCertificates();
diff --git a/java/security/cert/CertPathBuilderException.java b/java/security/cert/CertPathBuilderException.java
index 985151010..5906dae93 100644
--- a/java/security/cert/CertPathBuilderException.java
+++ b/java/security/cert/CertPathBuilderException.java
@@ -1,6 +1,6 @@
 /* CertPathBuilderException.java -- wraps an exception during certificate
    path building
-   Copyright (C) 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2002, 2005, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,8 +39,6 @@ exception statement from your version. */
 
 package java.security.cert;
 
-import java.io.PrintStream;
-import java.io.PrintWriter;
 import java.security.GeneralSecurityException;
 
 /**
@@ -84,7 +82,7 @@ public class CertPathBuilderException extends GeneralSecurityException
    */
   public CertPathBuilderException(Throwable cause)
   {
-    this(cause == null ? null : cause.toString(), cause);
+    super(cause);
   }
 
   /**
@@ -95,65 +93,7 @@ public class CertPathBuilderException extends GeneralSecurityException
    */
   public CertPathBuilderException(String msg, Throwable cause)
   {
-    super(msg);
-    initCause(cause);
-  }
-
-  /**
-   * Get the detail message.
-   *
-   * @return the detail message
-   */
-  public String getMessage()
-  {
-    return super.getMessage();
-  }
-
-  /**
-   * Get the cause, null if unknown.
-   *
-   * @return the cause
-   */
-  public Throwable getCause()
-  {
-    return super.getCause();
+    super(msg, cause);
   }
 
-  /**
-   * Convert this to a string, including its cause.
-   *
-   * @return the string conversion
-   */
-  public String toString()
-  {
-    return super.toString();
-  }
-
-  /**
-   * Print the stack trace to <code>System.err</code>.
-   */
-  public void printStackTrace()
-  {
-    super.printStackTrace();
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintStream stream)
-  {
-    super.printStackTrace(stream);
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintWriter stream)
-  {
-    super.printStackTrace(stream);
-  }
 }
diff --git a/java/security/cert/CertPathValidatorException.java b/java/security/cert/CertPathValidatorException.java
index f3195be29..23f19b081 100644
--- a/java/security/cert/CertPathValidatorException.java
+++ b/java/security/cert/CertPathValidatorException.java
@@ -1,6 +1,6 @@
 /* CertPathValidatorException.java -- wraps an exception during validation
    of a CertPath
-   Copyright (C) 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2002, 2005, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,8 +39,6 @@ exception statement from your version. */
 
 package java.security.cert;
 
-import java.io.PrintStream;
-import java.io.PrintWriter;
 import java.security.GeneralSecurityException;
 
 /**
@@ -135,8 +133,7 @@ public class CertPathValidatorException extends GeneralSecurityException
   public CertPathValidatorException(String msg, Throwable cause,
                                     CertPath certPath, int index)
   {
-    super(msg);
-    initCause(cause);
+    super(msg, cause);
     if (index < -1 || (certPath != null
                        && index >= certPath.getCertificates().size()))
       throw new IndexOutOfBoundsException();
@@ -147,16 +144,6 @@ public class CertPathValidatorException extends GeneralSecurityException
   }
 
   /**
-   * Get the detail message.
-   *
-   * @return the detail message
-   */
-  public String getMessage()
-  {
-    return super.getMessage();
-  }
-
-  /**
    * Get the certificate path that had the failure, or null.
    *
    * @return the culprit path
@@ -176,51 +163,4 @@ public class CertPathValidatorException extends GeneralSecurityException
     return index;
   }
 
-  /**
-   * Get the cause, null if unknown.
-   *
-   * @return the cause
-   */
-  public Throwable getCause()
-  {
-    return super.getCause();
-  }
-
-  /**
-   * Convert this to a string, including its cause.
-   *
-   * @return the string conversion
-   */
-  public String toString()
-  {
-    return super.toString();
-  }
-
-  /**
-   * Print the stack trace to <code>System.err</code>.
-   */
-  public void printStackTrace()
-  {
-    super.printStackTrace();
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintStream stream)
-  {
-    super.printStackTrace(stream);
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintWriter stream)
-  {
-    super.printStackTrace(stream);
-  }
 }
diff --git a/java/security/cert/CertStoreException.java b/java/security/cert/CertStoreException.java
index a4d8b7a46..c243bb42c 100644
--- a/java/security/cert/CertStoreException.java
+++ b/java/security/cert/CertStoreException.java
@@ -1,5 +1,5 @@
 /* CertStoreException.java -- wraps an exception during certificate storage
-   Copyright (C) 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 2002, 2005, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,8 +38,6 @@ exception statement from your version. */
 
 package java.security.cert;
 
-import java.io.PrintStream;
-import java.io.PrintWriter;
 import java.security.GeneralSecurityException;
 
 /**
@@ -84,7 +82,7 @@ public class CertStoreException extends GeneralSecurityException
    */
   public CertStoreException(Throwable cause)
   {
-    this(cause == null ? null : cause.toString(), cause);
+    super(cause);
   }
 
   /**
@@ -95,65 +93,7 @@ public class CertStoreException extends GeneralSecurityException
    */
   public CertStoreException(String msg, Throwable cause)
   {
-    super(msg);
-    initCause(cause);
-  }
-
-  /**
-   * Get the detail message.
-   *
-   * @return the detail message
-   */
-  public String getMessage()
-  {
-    return super.getMessage();
-  }
-
-  /**
-   * Get the cause, null if unknown.
-   *
-   * @return the cause
-   */
-  public Throwable getCause()
-  {
-    return super.getCause();
+    super(msg, cause);
   }
 
-  /**
-   * Convert this to a string, including its cause.
-   *
-   * @return the string conversion
-   */
-  public String toString()
-  {
-    return super.toString();
-  }
-
-  /**
-   * Print the stack trace to <code>System.err</code>.
-   */
-  public void printStackTrace()
-  {
-    super.printStackTrace();
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintStream stream)
-  {
-    super.printStackTrace(stream);
-  }
-
-  /**
-   * Print the stack trace to a stream.
-   *
-   * @param stream the stream
-   */
-  public void printStackTrace(PrintWriter stream)
-  {
-    super.printStackTrace(stream);
-  }
 }
diff --git a/java/security/cert/CertStoreSpi.java b/java/security/cert/CertStoreSpi.java
index a47978a22..85de3ae5b 100644
--- a/java/security/cert/CertStoreSpi.java
+++ b/java/security/cert/CertStoreSpi.java
@@ -1,5 +1,5 @@
 /* CertStoreSpi -- certificate store service provider interface.
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -69,6 +69,7 @@ public abstract class CertStoreSpi
    * @throws InvalidAlgorithmParameterException If the specified
    *         parameters are inappropriate for this class.
    */
+  @SuppressWarnings("unused")
   public CertStoreSpi(CertStoreParameters params)
     throws InvalidAlgorithmParameterException
   {
diff --git a/java/security/cert/Certificate.java b/java/security/cert/Certificate.java
index be1713cbf..b9abe8e65 100644
--- a/java/security/cert/Certificate.java
+++ b/java/security/cert/Certificate.java
@@ -1,5 +1,5 @@
 /* Certificate.java --- Certificate class
-   Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2004, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -107,6 +107,7 @@ public abstract class Certificate implements Serializable
 
      @return true if equal, false otherwise
   */
+  @Override
   public boolean equals(Object other)
   {
     if( other instanceof Certificate ) {
@@ -136,6 +137,7 @@ public abstract class Certificate implements Serializable
 
      @return A hash code of this class
   */
+  @Override
   public int hashCode()
   {
     return super.hashCode();
@@ -198,6 +200,7 @@ public abstract class Certificate implements Serializable
 
      @return a string representing the Certificate.
   */
+  @Override
   public abstract String toString();
 
 
diff --git a/java/security/cert/CertificateFactorySpi.java b/java/security/cert/CertificateFactorySpi.java
index 2c9ca5d38..2b5bb529c 100644
--- a/java/security/cert/CertificateFactorySpi.java
+++ b/java/security/cert/CertificateFactorySpi.java
@@ -1,5 +1,5 @@
 /* CertificateFactorySpi.java --- Certificate Factory Class
-   Copyright (C) 1999,2003 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -172,6 +172,7 @@ public abstract class CertificateFactorySpi
    * @throws CertificateException If an error occurs decoding the
    * CertPath.
    */
+  @SuppressWarnings({"unused","static-method"})
   public CertPath engineGenerateCertPath(InputStream inStream)
     throws CertificateException
   {
@@ -188,6 +189,7 @@ public abstract class CertificateFactorySpi
    * @throws CertificateException If an error occurs decoding the
    *   CertPath.
    */
+  @SuppressWarnings({"unused","static-method"})
   public CertPath engineGenerateCertPath(InputStream inStream, String encoding)
     throws CertificateException
   {
@@ -204,6 +206,7 @@ public abstract class CertificateFactorySpi
    * @throws CertificateException If an error occurs generating the
    *   CertPath.
    */
+  @SuppressWarnings({"unused","static-method"})
   public CertPath engineGenerateCertPath(List<? extends Certificate> certificates)
     throws CertificateException
   {
@@ -217,6 +220,7 @@ public abstract class CertificateFactorySpi
    *
    * @return The Iterator of supported encodings.
    */
+  @SuppressWarnings("static-method")
   public Iterator<String> engineGetCertPathEncodings()
   {
     throw new UnsupportedOperationException("not implemented");
diff --git a/java/security/cert/CollectionCertStoreParameters.java b/java/security/cert/CollectionCertStoreParameters.java
index 6edaf7677..ace8eccbc 100644
--- a/java/security/cert/CollectionCertStoreParameters.java
+++ b/java/security/cert/CollectionCertStoreParameters.java
@@ -115,6 +115,7 @@ public class CollectionCertStoreParameters implements CertStoreParameters
    *
    * @return The string representation of these parameters.
    */
+  @Override
   public String toString()
   {
     return "CollectionCertStoreParameters: [ collection: "
diff --git a/java/security/cert/LDAPCertStoreParameters.java b/java/security/cert/LDAPCertStoreParameters.java
index f2dff764a..615b80853 100644
--- a/java/security/cert/LDAPCertStoreParameters.java
+++ b/java/security/cert/LDAPCertStoreParameters.java
@@ -1,5 +1,5 @@
 /* LDAPCertStoreParameters.java -- LDAP CertStore parameters.
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -102,6 +102,7 @@ public class LDAPCertStoreParameters implements CertStoreParameters
   // Instance methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public Object clone()
   {
     return new LDAPCertStoreParameters(serverName, port);
@@ -132,6 +133,7 @@ public class LDAPCertStoreParameters implements CertStoreParameters
    *
    * @return The string representation of these parameters.
    */
+  @Override
   public String toString()
   {
     return "LDAPCertStoreParameters: [ serverName: " + serverName
diff --git a/java/security/cert/PKIXBuilderParameters.java b/java/security/cert/PKIXBuilderParameters.java
index 3a29b5218..47f8484df 100644
--- a/java/security/cert/PKIXBuilderParameters.java
+++ b/java/security/cert/PKIXBuilderParameters.java
@@ -1,5 +1,5 @@
 /* PKIXBuilderParameters.java -- parameters for PKIX cert path builders
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -140,6 +140,7 @@ public class PKIXBuilderParameters extends PKIXParameters
     this.maxPathLength = maxPathLength;
   }
 
+  @Override
   public String toString()
   {
     CPStringBuilder buf = new CPStringBuilder(super.toString());
diff --git a/java/security/cert/PKIXCertPathBuilderResult.java b/java/security/cert/PKIXCertPathBuilderResult.java
index 52984b543..779983339 100644
--- a/java/security/cert/PKIXCertPathBuilderResult.java
+++ b/java/security/cert/PKIXCertPathBuilderResult.java
@@ -1,5 +1,5 @@
 /* PKIXCertPathBuilderResult.java -- PKIX cert path bulider result
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -90,11 +90,13 @@ public class PKIXCertPathBuilderResult extends PKIXCertPathValidatorResult
    *
    * @return The certificate path that was built.
    */
+  @Override
   public CertPath getCertPath()
   {
     return certPath;
   }
 
+  @Override
   public String toString()
   {
     CPStringBuilder buf = new CPStringBuilder(super.toString());
diff --git a/java/security/cert/PKIXCertPathChecker.java b/java/security/cert/PKIXCertPathChecker.java
index 0bedf401a..b33117f84 100644
--- a/java/security/cert/PKIXCertPathChecker.java
+++ b/java/security/cert/PKIXCertPathChecker.java
@@ -1,5 +1,5 @@
 /* PKIXCertPathChecker.java -- checks X.509 certificate paths.
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -76,6 +76,7 @@ public abstract class PKIXCertPathChecker implements Cloneable
   // Cloneable interface.
   // ------------------------------------------------------------------------
 
+  @Override
   public Object clone()
   {
     try
diff --git a/java/security/cert/PKIXCertPathValidatorResult.java b/java/security/cert/PKIXCertPathValidatorResult.java
index 17b5c86f8..2b1f05edb 100644
--- a/java/security/cert/PKIXCertPathValidatorResult.java
+++ b/java/security/cert/PKIXCertPathValidatorResult.java
@@ -1,5 +1,5 @@
 /* PKIXCertPathValidatorResult.java -- PKIX cert path builder result
-   Copyright (C) 2003 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -123,6 +123,7 @@ public class PKIXCertPathValidatorResult implements CertPathValidatorResult
    *
    * @return The copy.
    */
+  @Override
   public Object clone()
   {
     return new PKIXCertPathValidatorResult(trustAnchor, policyTree,
@@ -134,6 +135,7 @@ public class PKIXCertPathValidatorResult implements CertPathValidatorResult
    *
    * @return A printable string representation of this result.
    */
+  @Override
   public String toString()
   {
     return "[ Trust Anchor=" + trustAnchor + "; Policy Tree="
diff --git a/java/security/cert/PKIXParameters.java b/java/security/cert/PKIXParameters.java
index 1778d6127..33ba297b6 100644
--- a/java/security/cert/PKIXParameters.java
+++ b/java/security/cert/PKIXParameters.java
@@ -521,6 +521,7 @@ public class PKIXParameters implements CertPathParameters
    *
    * @return The copy.
    */
+  @Override
   public Object clone()
   {
     return new PKIXParameters(this);
@@ -531,6 +532,7 @@ public class PKIXParameters implements CertPathParameters
    *
    * @return A printable representation of these parameters.
    */
+  @Override
   public String toString() {
     return "[ Trust Anchors: " + trustAnchors + "; Initial Policy OIDs="
       + (initPolicies != null ? initPolicies.toString() : "any")
diff --git a/java/security/cert/PolicyQualifierInfo.java b/java/security/cert/PolicyQualifierInfo.java
index b53faa935..07530d3b3 100644
--- a/java/security/cert/PolicyQualifierInfo.java
+++ b/java/security/cert/PolicyQualifierInfo.java
@@ -1,5 +1,5 @@
 /* PolicyQualifierInfo.java -- policy qualifier info object.
-   Copyright (C) 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -102,7 +102,7 @@ PolicyQualifierId ::= OBJECT IDENTIFIER
   {
     if (encoded == null)
       throw new IOException("null bytes");
-    this.encoded = (byte[]) encoded.clone();
+    this.encoded = encoded.clone();
     DERReader in = new DERReader(new ByteArrayInputStream(this.encoded));
     DERValue qualInfo = in.read();
     if (!qualInfo.isConstructed())
@@ -139,7 +139,7 @@ PolicyQualifierId ::= OBJECT IDENTIFIER
    */
   public final byte[] getEncoded()
   {
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
   /**
@@ -161,6 +161,7 @@ PolicyQualifierId ::= OBJECT IDENTIFIER
    *
    * @return The string representation.
    */
+  @Override
   public String toString()
   {
     return "PolicyQualifierInfo { policyQualifierId ::= " + oid
diff --git a/java/security/cert/TrustAnchor.java b/java/security/cert/TrustAnchor.java
index 2110ed518..f0537d2ef 100644
--- a/java/security/cert/TrustAnchor.java
+++ b/java/security/cert/TrustAnchor.java
@@ -1,5 +1,5 @@
 /* TrustAnchor.java -- an ultimately-trusted certificate.
-   Copyright (C) 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,6 +40,7 @@ package java.security.cert;
 
 import gnu.java.security.x509.X500DistinguishedName;
 
+import java.io.IOException;
 import java.security.PublicKey;
 
 /**
@@ -87,7 +88,7 @@ public class TrustAnchor
     caName = null;
     caKey = null;
     if (nameConstraints != null)
-      this.nameConstraints = (byte[]) nameConstraints.clone();
+      this.nameConstraints = nameConstraints.clone();
     else
       this.nameConstraints = null;
   }
@@ -102,6 +103,10 @@ public class TrustAnchor
    * @params caName The CA's distinguished name.
    * @params caKey The CA's public key.
    * @params nameConstraints The encoded nameConstraints.
+   * @throws NullPointerException if the specified CA name or key is
+   *         {@code null}.
+   * @throws IllegalArgumentException if the CA name is of zero length or
+   *         incorrectly formatted, or the name constraints can't be decoded.
    */
   public TrustAnchor(String caName, PublicKey caKey, byte[] nameConstraints)
   {
@@ -110,10 +115,17 @@ public class TrustAnchor
     if (caName.length() == 0)
       throw new IllegalArgumentException();
     trustedCert = null;
-    this.caName = new X500DistinguishedName(caName);
+    try
+      {
+	this.caName = new X500DistinguishedName(caName);
+      }
+    catch (IOException ex)
+      {
+	throw new IllegalArgumentException("Couldn't parse name", ex);
+      }
     this.caKey = caKey;
     if (nameConstraints != null)
-      this.nameConstraints = (byte[]) nameConstraints.clone();
+      this.nameConstraints = nameConstraints.clone();
     else
       this.nameConstraints = null;
   }
@@ -167,7 +179,7 @@ public class TrustAnchor
   {
     if (nameConstraints == null)
       return null;
-    return (byte[]) nameConstraints.clone();
+    return nameConstraints.clone();
   }
 
   /**
@@ -175,6 +187,7 @@ public class TrustAnchor
    *
    * @return The printable representation.
    */
+  @Override
   public String toString()
   {
     if (trustedCert == null)
diff --git a/java/security/cert/X509CRL.java b/java/security/cert/X509CRL.java
index 895ba33e7..3e4a4e96b 100644
--- a/java/security/cert/X509CRL.java
+++ b/java/security/cert/X509CRL.java
@@ -1,5 +1,5 @@
 /* X509CRL.java --- X.509 Certificate Revocation List
-   Copyright (C) 1999, 2004  Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -119,6 +119,7 @@ public abstract class X509CRL extends CRL implements X509Extension
 
      @return true if equal, false otherwise
   */
+  @Override
   public boolean equals(Object other)
   {
     if( other instanceof X509CRL ) {
@@ -148,6 +149,7 @@ public abstract class X509CRL extends CRL implements X509Extension
 
      @return A hash code of this class
   */
+  @Override
   public int hashCode()
   {
     return super.hashCode();
@@ -390,6 +392,7 @@ public abstract class X509CRL extends CRL implements X509Extension
    * @return The issuer's X.500 distinguished name.
    * @since JDK 1.4
    */
+  @SuppressWarnings("static-method")
   public X500Principal getIssuerX500Principal()
   {
     throw new UnsupportedOperationException();
diff --git a/java/security/cert/X509CRLEntry.java b/java/security/cert/X509CRLEntry.java
index ac5ef4714..d8f00187f 100644
--- a/java/security/cert/X509CRLEntry.java
+++ b/java/security/cert/X509CRLEntry.java
@@ -1,5 +1,5 @@
 /* X509CRLEntry.java --- X.509 Certificate Revocation List Entry
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -89,6 +89,7 @@ public abstract class X509CRLEntry implements X509Extension
 
      @return true if equal, false otherwise
   */
+  @Override
   public boolean equals(Object other)
   {
     if( other instanceof X509CRLEntry ) {
@@ -118,6 +119,7 @@ public abstract class X509CRLEntry implements X509Extension
 
      @return A hash code of this class
   */
+  @Override
   public int hashCode()
   {
     return super.hashCode();
@@ -164,6 +166,7 @@ public abstract class X509CRLEntry implements X509Extension
 
      @return a string representing this X509CRLEntry.
   */
+  @Override
   public abstract String toString();
 
 }
diff --git a/java/security/cert/X509CRLSelector.java b/java/security/cert/X509CRLSelector.java
index 1ac5c640b..81817da1d 100644
--- a/java/security/cert/X509CRLSelector.java
+++ b/java/security/cert/X509CRLSelector.java
@@ -1,5 +1,5 @@
 /* X509CRLSelector.java -- selects X.509 CRLs by criteria.
-   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -72,7 +72,7 @@ import javax.security.auth.x500.X500Principal;
  * @author Casey Marshall (csm@gnu.org)
  * @since 1.4
  */
-public class X509CRLSelector implements CRLSelector, Cloneable
+public class X509CRLSelector implements CRLSelector
 {
 
   // Fields.
@@ -235,8 +235,7 @@ public class X509CRLSelector implements CRLSelector, Cloneable
 	  iNames.add(principal.getName());
 	return Collections.unmodifiableList(iNames);
       }
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -339,6 +338,7 @@ public class X509CRLSelector implements CRLSelector, Cloneable
    *
    * @return The string.
    */
+  @Override
   public String toString()
   {
     CPStringBuilder str = new CPStringBuilder(X509CRLSelector.class.getName());
@@ -367,6 +367,7 @@ public class X509CRLSelector implements CRLSelector, Cloneable
    * @param _crl The CRL being checked.
    * @return True if the CRL matches, false otherwise.
    */
+  @Override
   public boolean match(CRL _crl)
   {
     if (!(_crl instanceof X509CRL))
@@ -433,6 +434,7 @@ public class X509CRLSelector implements CRLSelector, Cloneable
    *
    * @return The copy.
    */
+  @Override
   public Object clone()
   {
     try
diff --git a/java/security/cert/X509CertSelector.java b/java/security/cert/X509CertSelector.java
index ef8123bf7..ccdb3344d 100644
--- a/java/security/cert/X509CertSelector.java
+++ b/java/security/cert/X509CertSelector.java
@@ -1,5 +1,5 @@
 /* X509CertSelector.java -- selects X.509 certificates by criteria.
-   Copyright (C) 2004, 2005, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -47,7 +47,6 @@ import gnu.java.security.x509.ext.Extension;
 import gnu.java.security.x509.ext.GeneralName;
 import gnu.java.security.x509.ext.GeneralSubtree;
 import gnu.java.security.x509.ext.NameConstraints;
-import gnu.java.security.x509.ext.GeneralName.Kind;
 
 import java.io.IOException;
 import java.math.BigInteger;
@@ -87,7 +86,7 @@ import javax.security.auth.x500.X500Principal;
  * @author Casey Marshall (csm@gnu.org)
  * @since 1.4
  */
-public class X509CertSelector implements CertSelector, Cloneable
+public class X509CertSelector implements CertSelector
 {
 
   // Constants and fields.
@@ -107,7 +106,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     byte[] nameBytes = null;
     GeneralName.Kind kind = GeneralName.Kind.forTag(id);
-    switch (Kind.forTag(id))
+    switch (kind)
     {
       case dNSName:
       case rfc822Name:
@@ -133,6 +132,7 @@ public class X509CertSelector implements CertSelector, Cloneable
       case ediPartyName:
       case x400Address:
       case otherName:
+      default:
         throw new IOException("cannot decode string representation of "
                               + kind);
     }
@@ -259,6 +259,7 @@ public class X509CertSelector implements CertSelector, Cloneable
     altNames.add(generalName);
   }
 
+  @Override
   public Object clone()
   {
     try
@@ -281,9 +282,8 @@ public class X509CertSelector implements CertSelector, Cloneable
   public byte[] getAuthorityKeyIdentifier()
   {
     if (authKeyId != null)
-      return (byte[]) authKeyId.clone();
-    else
-      return null;
+      return authKeyId.clone();
+    return null;
   }
 
   /**
@@ -317,8 +317,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (certValid != null)
       return (Date) certValid.clone();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -332,8 +331,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (keyPurposeSet != null)
       return Collections.unmodifiableSet(keyPurposeSet);
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -346,8 +344,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (issuer != null)
       return issuer.getEncoded();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -360,8 +357,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (issuer != null)
       return issuer.getName();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -373,9 +369,8 @@ public class X509CertSelector implements CertSelector, Cloneable
   public boolean[] getKeyUsage()
   {
     if (keyUsage != null)
-      return (boolean[]) keyUsage.clone();
-    else
-      return null;
+      return keyUsage.clone();
+    return null;
   }
 
   /**
@@ -400,9 +395,8 @@ public class X509CertSelector implements CertSelector, Cloneable
   public byte[] getNameConstraints()
   {
     if (nameConstraints != null)
-      return (byte[]) nameConstraints.clone();
-    else
-      return null;
+      return nameConstraints.clone();
+    return null;
   }
 
   public Collection<List<?>> getPathToNames()
@@ -413,7 +407,7 @@ public class X509CertSelector implements CertSelector, Cloneable
         for (GeneralName name : pathToNames)
           {
             List<Object> n = new ArrayList<Object>(2);
-            n.add(name.kind().tag());
+            n.add(Integer.valueOf(name.kind().tag()));
             n.add(name.name());
             names.add(n);
           }
@@ -456,6 +450,7 @@ public class X509CertSelector implements CertSelector, Cloneable
    *
    * @return Null.
    */
+  @SuppressWarnings("static-method")
   public Date getPrivateKeyValid()
   {
     return null;
@@ -489,7 +484,7 @@ public class X509CertSelector implements CertSelector, Cloneable
         for (GeneralName name : altNames)
           {
             List<Object> n = new ArrayList<Object>(2);
-            n.add(name.kind().tag());
+            n.add(Integer.valueOf(name.kind().tag()));
             n.add(name.name());
             names.add(n);
           }
@@ -508,8 +503,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (subject != null)
       return subject.getEncoded();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -522,8 +516,7 @@ public class X509CertSelector implements CertSelector, Cloneable
   {
     if (subject != null)
       return subject.getName();
-    else
-      return null;
+    return null;
   }
 
   /**
@@ -536,9 +529,8 @@ public class X509CertSelector implements CertSelector, Cloneable
   public byte[] getSubjectKeyIdentifier()
   {
     if (subjectKeyId != null)
-      return (byte[]) subjectKeyId.clone();
-    else
-      return null;
+      return subjectKeyId.clone();
+    return null;
   }
 
   /**
@@ -571,17 +563,18 @@ public class X509CertSelector implements CertSelector, Cloneable
    * @param certificate The certificate to check.
    * @return true if the certificate matches all criteria.
    */
+  @Override
   public boolean match(Certificate certificate)
   {
     if (!(certificate instanceof X509Certificate))
       return false;
-    X509Certificate cert = (X509Certificate) certificate;
-    if (this.cert != null)
+    X509Certificate other = (X509Certificate) certificate;
+    if (cert != null)
       {
         try
           {
-            byte[] e1 = this.cert.getEncoded();
-            byte[] e2 = cert.getEncoded();
+            byte[] e1 = cert.getEncoded();
+            byte[] e2 = other.getEncoded();
             if (!Arrays.equals(e1, e2))
               return false;
           }
@@ -592,14 +585,14 @@ public class X509CertSelector implements CertSelector, Cloneable
       }
     if (serialNo != null)
       {
-        if (!serialNo.equals(cert.getSerialNumber()))
+        if (!serialNo.equals(other.getSerialNumber()))
           return false;
       }
     if (certValid != null)
       {
         try
           {
-            cert.checkValidity(certValid);
+            other.checkValidity(certValid);
           }
         catch (CertificateException ce)
           {
@@ -608,40 +601,40 @@ public class X509CertSelector implements CertSelector, Cloneable
       }
     if (issuer != null)
       {
-        if (!issuer.equals(cert.getIssuerX500Principal()))
+        if (!issuer.equals(other.getIssuerX500Principal()))
           return false;
       }
     if (subject != null)
       {
-        if (!subject.equals(cert.getSubjectX500Principal()))
+        if (!subject.equals(other.getSubjectX500Principal()))
           return false;
       }
     if (sigId != null)
       {
-        if (!sigId.toString().equals(cert.getSigAlgOID()))
+        if (!sigId.toString().equals(other.getSigAlgOID()))
           return false;
       }
     if (subjectKeyId != null)
       {
-        byte[] b = cert.getExtensionValue(SUBJECT_KEY_ID);
+        byte[] b = other.getExtensionValue(SUBJECT_KEY_ID);
         if (!Arrays.equals(b, subjectKeyId))
           return false;
       }
     if (authKeyId != null)
       {
-        byte[] b = cert.getExtensionValue(AUTH_KEY_ID);
+        byte[] b = other.getExtensionValue(AUTH_KEY_ID);
         if (!Arrays.equals(b, authKeyId))
           return false;
       }
     if (keyUsage != null)
       {
-        boolean[] b = cert.getKeyUsage();
+        boolean[] b = other.getKeyUsage();
         if (!Arrays.equals(b, keyUsage))
           return false;
       }
     if (basicConstraints >= 0)
       {
-        if (cert.getBasicConstraints() != basicConstraints)
+        if (other.getBasicConstraints() != basicConstraints)
           return false;
       }
     if (keyPurposeSet != null)
@@ -649,7 +642,7 @@ public class X509CertSelector implements CertSelector, Cloneable
         List<String> kp = null;
         try
           {
-            kp = cert.getExtendedKeyUsage();
+            kp = other.getExtendedKeyUsage();
           }
         catch (CertificateParsingException cpe)
           {
@@ -668,7 +661,7 @@ public class X509CertSelector implements CertSelector, Cloneable
         Collection<List<?>> an = null;
         try
           {
-            an = cert.getSubjectAlternativeNames();
+            an = other.getSubjectAlternativeNames();
           }
         catch (CertificateParsingException cpe)
           {
@@ -709,7 +702,7 @@ public class X509CertSelector implements CertSelector, Cloneable
       }
     if (nameConstraints != null)
       {
-        byte[] nc = cert.getExtensionValue(NAME_CONSTRAINTS_ID);
+        byte[] nc = other.getExtensionValue(NAME_CONSTRAINTS_ID);
         if (!Arrays.equals(nameConstraints, nc))
           return false;
       }
@@ -717,15 +710,15 @@ public class X509CertSelector implements CertSelector, Cloneable
     if (policy != null)
       {
         CertificatePolicies policies = null;
-        if (cert instanceof GnuPKIExtension)
+        if (other instanceof GnuPKIExtension)
           {
             policies = (CertificatePolicies)
-              ((GnuPKIExtension) cert).getExtension(CertificatePolicies.ID).getValue();
+              ((GnuPKIExtension) other).getExtension(CertificatePolicies.ID).getValue();
           }
         else
           {
             byte[] policiesDer =
-              cert.getExtensionValue(CertificatePolicies.ID.toString());
+              other.getExtensionValue(CertificatePolicies.ID.toString());
             try
               {
                 policies = new CertificatePolicies(policiesDer);
@@ -745,16 +738,16 @@ public class X509CertSelector implements CertSelector, Cloneable
     if (pathToNames != null)
       {
         NameConstraints nc = null;
-        if (cert instanceof GnuPKIExtension)
+        if (other instanceof GnuPKIExtension)
           {
             Extension e =
-              ((GnuPKIExtension) cert).getExtension(NameConstraints.ID);
+              ((GnuPKIExtension) other).getExtension(NameConstraints.ID);
             if (e != null)
               nc = (NameConstraints) e.getValue();
           }
         else
           {
-            byte[] b = cert.getExtensionValue(NameConstraints.ID.toString());
+            byte[] b = other.getExtensionValue(NameConstraints.ID.toString());
             if (b != null)
               {
                 try
@@ -957,6 +950,7 @@ public class X509CertSelector implements CertSelector, Cloneable
    * @throws IOException If the argument is not a valid DER-encoded
    *         name constraints.
    */
+  @SuppressWarnings("unused")
   public void setNameConstraints(byte[] nameConstraints)
     throws IOException
   {
@@ -965,7 +959,7 @@ public class X509CertSelector implements CertSelector, Cloneable
 
     // But we just compare raw byte arrays.
     this.nameConstraints = nameConstraints != null
-      ? (byte[]) nameConstraints.clone() : null;
+      ? nameConstraints.clone() : null;
   }
 
   /**
@@ -1056,6 +1050,7 @@ public class X509CertSelector implements CertSelector, Cloneable
    *
    * @param UNUSED Is silently ignored.
    */
+  @SuppressWarnings("unused")
   public void setPrivateKeyValid(Date UNUSED)
   {
   }
@@ -1216,8 +1211,7 @@ public class X509CertSelector implements CertSelector, Cloneable
     try
       {
         KeyFactory enc = KeyFactory.getInstance("X.509");
-        subjectKeySpec = (X509EncodedKeySpec)
-          enc.getKeySpec(key, X509EncodedKeySpec.class);
+        subjectKeySpec = enc.getKeySpec(key, X509EncodedKeySpec.class);
       }
     catch (Exception x)
       {
@@ -1256,6 +1250,7 @@ public class X509CertSelector implements CertSelector, Cloneable
       this.sigId = null;
   }
 
+  @Override
   public String toString()
   {
     CPStringBuilder str = new CPStringBuilder(X509CertSelector.class.getName());
diff --git a/java/security/cert/X509Certificate.java b/java/security/cert/X509Certificate.java
index ab9e1be37..62a1e01eb 100644
--- a/java/security/cert/X509Certificate.java
+++ b/java/security/cert/X509Certificate.java
@@ -1,5 +1,5 @@
 /* X509Certificate.java --- X.509 Certificate class
-   Copyright (C) 1999,2003, 2006 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2003, 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -488,6 +488,7 @@ public abstract class X509Certificate
    * @throws CertificateParsingException If this extension cannot be
    * parsed from its encoded form.
    */
+  @SuppressWarnings({"unused","static-method"})
   public java.util.List<String> getExtendedKeyUsage()
     throws CertificateParsingException
   {
@@ -532,6 +533,7 @@ public abstract class X509Certificate
    * be parsed.
    * @since JDK 1.4
    */
+  @SuppressWarnings({"unused","static-method"})
   public java.util.Collection<List<?>> getSubjectAlternativeNames()
     throws CertificateParsingException
   {
@@ -559,6 +561,7 @@ public abstract class X509Certificate
    * be parsed.
    * @since JDK 1.4
    */
+  @SuppressWarnings({"unused","static-method"})
   public java.util.Collection<List<?>> getIssuerAlternativeNames()
     throws CertificateParsingException
   {
@@ -571,6 +574,7 @@ public abstract class X509Certificate
    * @return The subject's X.500 distinguished name.
    * @since JDK 1.4
    */
+  @SuppressWarnings("static-method")
   public javax.security.auth.x500.X500Principal getSubjectX500Principal()
   {
     throw new UnsupportedOperationException();
@@ -582,6 +586,7 @@ public abstract class X509Certificate
    * @return The issuer's X.500 distinguished name.
    * @since JDK 1.4
    */
+  @SuppressWarnings("static-method")
   public javax.security.auth.x500.X500Principal getIssuerX500Principal()
   {
     throw new UnsupportedOperationException();
diff --git a/java/security/spec/DSAParameterSpec.java b/java/security/spec/DSAParameterSpec.java
index f7f673110..a374910c1 100644
--- a/java/security/spec/DSAParameterSpec.java
+++ b/java/security/spec/DSAParameterSpec.java
@@ -1,5 +1,5 @@
 /* DSAParameterSpec.java --- DSA Parameter Specificaton class
-   Copyright (C) 1999, 2004 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2004, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -74,6 +74,7 @@ public class DSAParameterSpec implements AlgorithmParameterSpec, DSAParams
    *
    * @return Returns the requested BigInteger
    */
+  @Override
   public BigInteger getP()
   {
     return this.p;
@@ -84,6 +85,7 @@ public class DSAParameterSpec implements AlgorithmParameterSpec, DSAParams
    *
    * @return Returns the requested BigInteger
    */
+  @Override
   public BigInteger getQ()
   {
     return this.q;
@@ -94,6 +96,7 @@ public class DSAParameterSpec implements AlgorithmParameterSpec, DSAParams
    *
    * @return Returns the requested BigInteger
    */
+  @Override
   public BigInteger getG()
   {
     return this.g;
diff --git a/java/security/spec/PKCS8EncodedKeySpec.java b/java/security/spec/PKCS8EncodedKeySpec.java
index 53b68de47..c064621f6 100644
--- a/java/security/spec/PKCS8EncodedKeySpec.java
+++ b/java/security/spec/PKCS8EncodedKeySpec.java
@@ -1,5 +1,5 @@
 /* PKCS8EncodedKeySpec.java --- PKCS8 Encoded Key Specificaton class
-   Copyright (C) 1999, 2001 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2001, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -63,6 +63,7 @@ public class PKCS8EncodedKeySpec extends EncodedKeySpec
 
         @returns the encoded key
 */
+  @Override
   public byte[] getEncoded()
   {
     return super.getEncoded();
@@ -73,6 +74,7 @@ public class PKCS8EncodedKeySpec extends EncodedKeySpec
 
         @return a string representing the name
 */
+  @Override
   public final String getFormat()
   {
     return "PKCS#8";
diff --git a/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java b/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java
index 09b8438df..199c4036b 100644
--- a/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java
+++ b/java/security/spec/RSAMultiPrimePrivateCrtKeySpec.java
@@ -1,5 +1,5 @@
-/* PSSParameterSpec.java --
-   Copyright (C) 2003, Free Software Foundation, Inc.
+/* RSAMultiPrimePrivateCrtKeySpec.java --
+   Copyright (C) 2003, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -129,10 +129,11 @@ public class RSAMultiPrimePrivateCrtKeySpec extends RSAPrivateKeySpec
     if (crtCoefficient == null)
       throw new NullPointerException("crtCoefficient");
     if (otherPrimeInfo != null)
-      if (otherPrimeInfo.length == 0)
-        throw new IllegalArgumentException();
-      else
-        this.otherPrimeInfo = (RSAOtherPrimeInfo[]) otherPrimeInfo.clone();
+      {
+	if (otherPrimeInfo.length == 0)
+	  throw new IllegalArgumentException();
+	this.otherPrimeInfo = otherPrimeInfo.clone();
+      }
 
     this.publicExponent = publicExponent;
     this.primeP = primeP;
diff --git a/java/security/spec/X509EncodedKeySpec.java b/java/security/spec/X509EncodedKeySpec.java
index 8b50aaae1..3bc33d089 100644
--- a/java/security/spec/X509EncodedKeySpec.java
+++ b/java/security/spec/X509EncodedKeySpec.java
@@ -1,5 +1,5 @@
 /* X509EncodedKeySpec.java --- X.509 Encoded Key Specificaton class
-   Copyright (C) 1999, 2001 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2001, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -64,6 +64,7 @@ public class X509EncodedKeySpec extends EncodedKeySpec
 
      @returns the encoded key
   */
+  @Override
   public byte[] getEncoded()
   {
     return super.getEncoded();
@@ -74,6 +75,7 @@ public class X509EncodedKeySpec extends EncodedKeySpec
 
      @return a string representing the name
   */
+  @Override
   public final String getFormat()
   {
     return "X.509";
diff --git a/javax/security/auth/Policy.java b/javax/security/auth/Policy.java
index 4da9a84df..90185be0e 100644
--- a/javax/security/auth/Policy.java
+++ b/javax/security/auth/Policy.java
@@ -1,5 +1,5 @@
 /* Policy.java -- deprecated precursor to java.security.Policy.
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -45,6 +45,7 @@ import java.security.PermissionCollection;
  * @deprecated The classes java.security.Policy and
  * java.security.ProtectionDomain provide the functionality of this class.
  */
+@Deprecated
 public abstract class Policy
 {
 
diff --git a/javax/security/auth/PrivateCredentialPermission.java b/javax/security/auth/PrivateCredentialPermission.java
index 7c5f02090..1bb3c3987 100644
--- a/javax/security/auth/PrivateCredentialPermission.java
+++ b/javax/security/auth/PrivateCredentialPermission.java
@@ -1,5 +1,5 @@
 /* PrivateCredentialPermission.java -- permissions governing private credentials.
-   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -64,7 +64,6 @@ import java.util.StringTokenizer;
  * wildcard character.</p>
  */
 public final class PrivateCredentialPermission extends Permission
-  implements Serializable
 {
   /**
    * For compatability with Sun's JDK 1.4.2 rev. 5
@@ -125,6 +124,7 @@ public final class PrivateCredentialPermission extends Permission
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public boolean equals (Object o)
   {
     if (! (o instanceof PrivateCredentialPermission))
@@ -141,20 +141,20 @@ public final class PrivateCredentialPermission extends Permission
         return false;
       }
 
-    final String[][] principals = getPrincipals();
+    final String[][] thisPrincipals = getPrincipals();
     final String[][] thatPrincipals = that.getPrincipals();
     if (thatPrincipals == null)
       {
         return false;
       }
-    if (thatPrincipals.length != principals.length)
+    if (thatPrincipals.length != thisPrincipals.length)
       {
         return false;
       }
-    for (int i = 0; i < principals.length; i++)
+    for (int i = 0; i < thisPrincipals.length; i++)
       {
-        if (!principals[i][0].equals (thatPrincipals[i][0]) ||
-            !principals[i][1].equals (thatPrincipals[i][1]))
+        if (!thisPrincipals[i][0].equals (thatPrincipals[i][0]) ||
+            !thisPrincipals[i][1].equals (thatPrincipals[i][1]))
           {
             return false;
           }
@@ -168,6 +168,7 @@ public final class PrivateCredentialPermission extends Permission
    *
    * @return The list of actions.
    */
+  @Override
   public String getActions()
   {
     return "read";
@@ -205,6 +206,7 @@ public final class PrivateCredentialPermission extends Permission
     return ret;
   }
 
+  @Override
   public int hashCode()
   {
     return credentialClass.hashCode() + principals.hashCode();
@@ -228,6 +230,7 @@ public final class PrivateCredentialPermission extends Permission
    * @param p The permission to check.
    * @return True if this permission implies <i>p</i>.
    */
+  @Override
   public boolean implies (Permission p)
   {
     if (! (p instanceof PrivateCredentialPermission))
@@ -240,19 +243,19 @@ public final class PrivateCredentialPermission extends Permission
       {
         return false;
       }
-    String[][] principals = getPrincipals();
+    String[][] thisPrincipals = getPrincipals();
     String[][] thatPrincipals = that.getPrincipals();
     if (thatPrincipals == null)
       {
         return false;
       }
-    for (int i = 0; i < principals.length; i++)
+    for (int i = 0; i < thisPrincipals.length; i++)
       {
         for (int j = 0; j < thatPrincipals.length; j++)
           {
-            if (principals[i][0].equals (thatPrincipals[j][0]) &&
-                (principals[i][1].equals ("*") ||
-                 principals[i][1].equals (thatPrincipals[j][1])))
+            if (thisPrincipals[i][0].equals (thatPrincipals[j][0]) &&
+                (thisPrincipals[i][1].equals ("*") ||
+                 thisPrincipals[i][1].equals (thatPrincipals[j][1])))
               {
                 return true;
               }
@@ -266,6 +269,7 @@ public final class PrivateCredentialPermission extends Permission
    *
    * @return null.
    */
+  @Override
   public PermissionCollection newPermissionCollection()
   {
     return null;
@@ -300,6 +304,7 @@ public final class PrivateCredentialPermission extends Permission
     // Instance methods.
     // -----------------------------------------------------------------------
 
+    @Override
     public boolean equals (Object o)
     {
       if (!(o instanceof CredOwner))
@@ -310,6 +315,7 @@ public final class PrivateCredentialPermission extends Permission
         principalName.equals (((CredOwner) o).getPrincipalName());
     }
 
+    @Override
     public int hashCode()
     {
       return principalClass.hashCode() + principalName.hashCode();
diff --git a/javax/security/auth/SubjectDomainCombiner.java b/javax/security/auth/SubjectDomainCombiner.java
index a50e54b12..8c441af38 100644
--- a/javax/security/auth/SubjectDomainCombiner.java
+++ b/javax/security/auth/SubjectDomainCombiner.java
@@ -1,5 +1,5 @@
 /* SubjectDomainCombiner.java -- domain combiner for Subjects.
-   Copyright (C) 2004, 2005, 2014  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2005, 2014, 2015  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -63,6 +63,7 @@ public class SubjectDomainCombiner implements DomainCombiner
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public ProtectionDomain[] combine (final ProtectionDomain[] current,
                                      final ProtectionDomain[] assigned)
   {
diff --git a/javax/security/auth/callback/ConfirmationCallback.java b/javax/security/auth/callback/ConfirmationCallback.java
index fccc87236..8df94c41e 100644
--- a/javax/security/auth/callback/ConfirmationCallback.java
+++ b/javax/security/auth/callback/ConfirmationCallback.java
@@ -1,5 +1,5 @@
 /* ConfirmationCallback.java -- callback for confirmations.
-   Copyright (C) 2003, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -477,14 +477,14 @@ public class ConfirmationCallback implements Callback, Serializable
   private void setOptions(String[] options, int selectedOption)
     throws IllegalArgumentException
   {
-    if ((selectedOption < 0) || (selectedOption > options.length - 1))
-      {
-        throw new IllegalArgumentException("invalid selection");
-      }
     if ((options == null) || (options.length == 0))
       {
         throw new IllegalArgumentException("options is null or empty");
       }
+    if ((selectedOption < 0) || (selectedOption > options.length - 1))
+      {
+        throw new IllegalArgumentException("invalid selection");
+      }
     for (int i = 0; i < options.length; i++)
       {
         if ((options[i] == null) || (options[i].length() == 0))
diff --git a/javax/security/auth/kerberos/KerberosKey.java b/javax/security/auth/kerberos/KerberosKey.java
index e5735fbd5..863b01aba 100644
--- a/javax/security/auth/kerberos/KerberosKey.java
+++ b/javax/security/auth/kerberos/KerberosKey.java
@@ -1,5 +1,5 @@
 /* KerberosKey.java -- kerberos key
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,8 +40,6 @@ package javax.security.auth.kerberos;
 
 import gnu.classpath.NotImplementedException;
 
-import java.io.Serializable;
-
 import javax.crypto.SecretKey;
 import javax.security.auth.DestroyFailedException;
 import javax.security.auth.Destroyable;
@@ -54,7 +52,7 @@ import javax.security.auth.Destroyable;
  * @since 1.4
  */
 public class KerberosKey
-    implements Serializable, SecretKey, Destroyable
+    implements SecretKey, Destroyable
 {
   private static final long serialVersionUID = -4625402278148246993L;
 
@@ -95,6 +93,7 @@ public class KerberosKey
   /**
    * Return the name of the algorithm used to create this key.
    */
+  @Override
   public final String getAlgorithm()
   {
     checkDestroyed();
@@ -104,6 +103,7 @@ public class KerberosKey
   /**
    * Return the format of this key.  This implementation always returns "RAW".
    */
+  @Override
   public final String getFormat()
   {
     checkDestroyed();
@@ -141,15 +141,17 @@ public class KerberosKey
   /**
    * Return the encoded form of this key.
    */
+  @Override
   public final byte[] getEncoded()
   {
     checkDestroyed();
-    return (byte[]) key.key.clone();
+    return key.key.clone();
   }
 
   /**
    * Destroy this key.
    */
+  @Override
   public void destroy() throws DestroyFailedException
   {
     if (key == null)
@@ -161,6 +163,7 @@ public class KerberosKey
    * Return true if this key has been destroyed.  After this has been
    * called, other methods on this object will throw IllegalStateException.
    */
+  @Override
   public boolean isDestroyed()
   {
     return key == null;
@@ -172,6 +175,7 @@ public class KerberosKey
       throw new IllegalStateException("key is destroyed");
   }
 
+  @Override
   public String toString()
   {
     // FIXME: random choice here.
diff --git a/javax/security/auth/kerberos/KerberosPrincipal.java b/javax/security/auth/kerberos/KerberosPrincipal.java
index 46da0fa1c..71002a987 100644
--- a/javax/security/auth/kerberos/KerberosPrincipal.java
+++ b/javax/security/auth/kerberos/KerberosPrincipal.java
@@ -1,5 +1,5 @@
 /* KerberosPrincipal.java -- a kerberos principal
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -165,6 +165,7 @@ public final class KerberosPrincipal
   /**
    * Return the name of this principal.
    */
+  @Override
   public String getName()
   {
     return name;
@@ -186,11 +187,13 @@ public final class KerberosPrincipal
     return type;
   }
 
+  @Override
   public int hashCode()
   {
     return name.hashCode();
   }
 
+  @Override
   public boolean equals(Object other)
   {
     if (! (other instanceof KerberosPrincipal))
@@ -199,6 +202,7 @@ public final class KerberosPrincipal
     return name.equals(kp.name) && type == kp.type;
   }
 
+  @Override
   public String toString()
   {
     // This is what came to mind.
diff --git a/javax/security/auth/kerberos/KerberosTicket.java b/javax/security/auth/kerberos/KerberosTicket.java
index 66227fd20..e53ea9b34 100644
--- a/javax/security/auth/kerberos/KerberosTicket.java
+++ b/javax/security/auth/kerberos/KerberosTicket.java
@@ -1,5 +1,5 @@
 /* KerberosTicket.java -- a kerberos ticket
-   Copyright (C) 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -73,7 +73,7 @@ public class KerberosTicket
   private static final int INITIAL = 9;
   private static final int NUM_FLAGS = 12;
 
-  @SuppressWarnings("unusedPrivate") private byte[] asn1Encoding;
+  private byte[] asn1Encoding;
   private KeyImpl sessionKey;
   private boolean[] flags;
   private Date authTime;
@@ -116,13 +116,12 @@ public class KerberosTicket
                         Date endTime, Date renewTill,
                         InetAddress[] clientAddresses)
   {
-    this.asn1Encoding = (byte[]) asn1Encoding.clone();
+    this.asn1Encoding = asn1Encoding.clone();
     this.sessionKey = new KeyImpl(key, type);
     this.flags = new boolean[NUM_FLAGS];
     if (flags != null)
       System.arraycopy(flags, 0, this.flags, 0,
                        Math.min(flags.length, NUM_FLAGS));
-    this.flags = (boolean[]) flags.clone();
     this.authTime = (Date) authTime.clone();
     this.startTime = (Date) ((startTime == null)
                               ? authTime : startTime).clone();
@@ -139,6 +138,7 @@ public class KerberosTicket
    * Destroy this ticket.  This discards secret information.  After this
    * method is called, other methods will throw IllegalStateException.
    */
+  @Override
   public void destroy() throws DestroyFailedException
   {
     if (sessionKey == null)
@@ -150,6 +150,7 @@ public class KerberosTicket
   /**
    * Return true if this ticket has been destroyed.
    */
+  @Override
   public boolean isDestroyed()
   {
     return sessionKey == null;
@@ -159,6 +160,7 @@ public class KerberosTicket
    * Return true if the ticket is currently valid.  This is true if
    * the system time is between the ticket's start and end times.
    */
+  @Override
   public boolean isCurrent()
   {
     long now = System.currentTimeMillis();
@@ -170,6 +172,7 @@ public class KerberosTicket
    * attempt to renew the ticket.
    * @throws RefreshFailedException if the renewal fails for any reason
    */
+  @Override
   public void refresh() throws RefreshFailedException, NotImplementedException
   {
     if (! isRenewable())
@@ -261,7 +264,7 @@ public class KerberosTicket
    */
   public final boolean[] getFlags()
   {
-    return (boolean[]) flags.clone();
+    return flags.clone();
   }
 
   /**
@@ -314,7 +317,7 @@ public class KerberosTicket
   public final byte[] getEncoded()
   {
     checkDestroyed();
-    return (byte[]) sessionKey.key.clone();
+    return sessionKey.key.clone();
   }
 
   /**
@@ -332,6 +335,7 @@ public class KerberosTicket
       throw new IllegalStateException("key is destroyed");
   }
 
+  @Override
   public String toString()
   {
     return getClass().getName() +
diff --git a/javax/security/auth/kerberos/KeyImpl.java b/javax/security/auth/kerberos/KeyImpl.java
index d8027c07e..8f7e89296 100644
--- a/javax/security/auth/kerberos/KeyImpl.java
+++ b/javax/security/auth/kerberos/KeyImpl.java
@@ -1,5 +1,5 @@
 /* KeyImpl.java -- kerberos key implementation
-   Copyright (C) 2006 Free Software Foundation, Inc.
+   Copyright (C) 2006, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,15 +38,13 @@ exception statement from your version. */
 
 package javax.security.auth.kerberos;
 
-import java.io.Serializable;
-
 import javax.crypto.SecretKey;
 
 /**
  * Note that the name of this class is fixed by the serialization
  * spec, even though the class itself is not public.
  */
-final class KeyImpl implements Serializable, SecretKey
+final class KeyImpl implements SecretKey
 {
   // Enable this when serialization works.
   private static final long serialVersionUID = -7889313790214321193L;
@@ -65,7 +63,7 @@ final class KeyImpl implements Serializable, SecretKey
     else
       this.algorithm = "FIXME";
     this.type = type;
-    this.key = (byte[]) key.clone();
+    this.key = key.clone();
   }
 
   public KeyImpl(char[] passwd, String algo)
@@ -75,22 +73,26 @@ final class KeyImpl implements Serializable, SecretKey
     this.key = null; // double FIXME
   }
 
+  @Override
   public String getAlgorithm()
   {
     return algorithm;
   }
 
+  @Override
   public byte[] getEncoded()
   {
     return key;
   }
 
+  @Override
   public String getFormat()
   {
     // FIXME.
     return null;
   }
 
+  @Override
   public String toString()
   {
     return getClass().getName() +
diff --git a/javax/security/auth/login/AppConfigurationEntry.java b/javax/security/auth/login/AppConfigurationEntry.java
index fd4d09210..ecb7afa3a 100644
--- a/javax/security/auth/login/AppConfigurationEntry.java
+++ b/javax/security/auth/login/AppConfigurationEntry.java
@@ -1,5 +1,5 @@
 /* AppConfigurationEntry.java
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -95,6 +95,7 @@ public class AppConfigurationEntry
 
   // Object methods ----------------------------------------------------------
 
+  @Override
   public String toString()
   {
 
@@ -127,6 +128,7 @@ public class AppConfigurationEntry
     // Instance methods.
     // -----------------------------------------------------------------------
 
+    @Override
     public String toString()
     {
       if (this == LoginModuleControlFlag.REQUIRED)
diff --git a/javax/security/auth/login/Configuration.java b/javax/security/auth/login/Configuration.java
index bbaef065d..93782950f 100644
--- a/javax/security/auth/login/Configuration.java
+++ b/javax/security/auth/login/Configuration.java
@@ -1,5 +1,5 @@
 /* Configuration.java
-   Copyright (C) 2004, 2006, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,11 +38,11 @@ exception statement from your version. */
 
 package javax.security.auth.login;
 
+import gnu.java.security.action.GetSecurityPropertyAction;
+
 import gnu.javax.security.auth.login.GnuConfiguration;
 
 import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.Security;
 
 import javax.security.auth.AuthPermission;
 
@@ -97,13 +97,7 @@ public abstract class Configuration
     if (config == null)
       {
         String conf = AccessController.doPrivileged
-          (new PrivilegedAction<String>()
-            {
-              public String run()
-              {
-                return Security.getProperty ("login.configuration.provider");
-              }
-            });
+          (new GetSecurityPropertyAction ("login.configuration.provider"));
         try
           {
             if (conf != null)
diff --git a/javax/security/auth/login/LoginContext.java b/javax/security/auth/login/LoginContext.java
index 39d8702c9..f05c660b5 100644
--- a/javax/security/auth/login/LoginContext.java
+++ b/javax/security/auth/login/LoginContext.java
@@ -96,13 +96,13 @@ public class LoginContext
     this.cbHandler = cbHandler;
     if (config == null)
       config = Configuration.getConfig();
-    AppConfigurationEntry[] entries = config.getAppConfigurationEntry (name);
-    if (entries == null)
-      entries = config.getAppConfigurationEntry (OTHER);
-    if (entries == null)
+    AppConfigurationEntry[] appEntries = config.getAppConfigurationEntry (name);
+    if (appEntries == null)
+      appEntries = config.getAppConfigurationEntry (OTHER);
+    if (appEntries == null)
       throw new LoginException ("no configured modules for application "
                                 + name);
-    this.entries = entries;
+    this.entries = appEntries;
     modules = new LoginModule[entries.length];
     sharedState = new HashMap<String,Object>();
     for (int i = 0; i < entries.length; i++)
@@ -223,7 +223,7 @@ public class LoginContext
   }
 
   private LoginModule lookupModule (AppConfigurationEntry entry,
-                                    Subject subject, Map<String,?> sharedState)
+                                    Subject subj, Map<String,?> state)
     throws LoginException
   {
     LoginModule module = null;
@@ -251,7 +251,7 @@ public class LoginContext
         cause = ie;
       }
 
-    if (cause != null)
+    if (module == null)
       {
         LoginException le = new LoginException ("could not load module "
                                                 + entry.getLoginModuleName());
@@ -259,7 +259,7 @@ public class LoginContext
         throw le;
       }
 
-    module.initialize (subject, cbHandler, sharedState, entry.getOptions());
+    module.initialize (subj, cbHandler, state, entry.getOptions());
     return module;
   }
 }
diff --git a/javax/security/auth/login/NullConfiguration.java b/javax/security/auth/login/NullConfiguration.java
index a3f0c9943..579c1386b 100644
--- a/javax/security/auth/login/NullConfiguration.java
+++ b/javax/security/auth/login/NullConfiguration.java
@@ -1,5 +1,5 @@
 /* NullConfiguration.java -- no-op default login configuration.
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -51,11 +51,13 @@ final class NullConfiguration extends Configuration
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public AppConfigurationEntry[] getAppConfigurationEntry (String applicationName)
   {
     return null;
   }
 
+  @Override
   public void refresh()
   {
   }
diff --git a/javax/security/auth/x500/X500Principal.java b/javax/security/auth/x500/X500Principal.java
index 79c3336e1..91b028ebc 100644
--- a/javax/security/auth/x500/X500Principal.java
+++ b/javax/security/auth/x500/X500Principal.java
@@ -141,6 +141,7 @@ public final class X500Principal implements Principal, Serializable
   // Instance methods.
   // ------------------------------------------------------------------------
 
+  @Override
   public int hashCode()
   {
     int result = size();
@@ -156,6 +157,7 @@ public final class X500Principal implements Principal, Serializable
     return result;
   }
 
+  @Override
   public boolean equals(Object o)
   {
     if (!(o instanceof X500Principal))
@@ -183,9 +185,10 @@ public final class X500Principal implements Principal, Serializable
   {
     if (encoded == null)
       encodeDer();
-    return (byte[]) encoded.clone();
+    return encoded.clone();
   }
 
+  @Override
   public String getName()
   {
     return getName (RFC2253);
@@ -241,6 +244,7 @@ public final class X500Principal implements Principal, Serializable
     return str.toString();
   }
 
+  @Override
   public String toString()
   {
     return getName (RFC2253);
@@ -318,7 +322,7 @@ public final class X500Principal implements Principal, Serializable
       }
   }
 
-  private String readAttributeType(Reader in) throws IOException
+  private static String readAttributeType(Reader in) throws IOException
   {
     CPStringBuilder buf = new CPStringBuilder();
     int ch;
@@ -441,9 +445,9 @@ public final class X500Principal implements Principal, Serializable
       }
   }
 
-  private void parseDer (InputStream encoded) throws IOException
+  private void parseDer (InputStream encodedStream) throws IOException
   {
-    DERReader der = new DERReader (encoded);
+    DERReader der = new DERReader (encodedStream);
     DERValue name = der.read();
     if (!name.isConstructed())
       throw new IOException ("malformed Name");
diff --git a/javax/security/auth/x500/X500PrivateCredential.java b/javax/security/auth/x500/X500PrivateCredential.java
index 8cba93c6f..f042335c1 100644
--- a/javax/security/auth/x500/X500PrivateCredential.java
+++ b/javax/security/auth/x500/X500PrivateCredential.java
@@ -1,5 +1,5 @@
 /* X500PrivateCredential.java -- certificate and private key pair.
-   Copyright (C) 2003, 2004  Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2014  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -129,6 +129,7 @@ public final class X500PrivateCredential implements Destroyable
    * Destroy the sensitive data of this credential, setting the certificate,
    * private key, and keystore alias to null.
    */
+  @Override
   public void destroy()
   {
     certificate = null;
@@ -142,6 +143,7 @@ public final class X500PrivateCredential implements Destroyable
    *
    * @return True if this object has been destroyed.
    */
+  @Override
   public boolean isDestroyed()
   {
     return certificate == null && key == null;
diff --git a/javax/security/cert/Certificate.java b/javax/security/cert/Certificate.java
index 50c7340fb..53d690e11 100644
--- a/javax/security/cert/Certificate.java
+++ b/javax/security/cert/Certificate.java
@@ -1,5 +1,5 @@
 /* Certificate.java -- base class of public-key certificates.
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -74,6 +74,7 @@ public abstract class Certificate
    * @param other The object to test.
    * @return True if the certificates are equal.
    */
+  @Override
   public boolean equals(Object other)
   {
     if (other == null || !(other instanceof Certificate))
@@ -99,6 +100,7 @@ public abstract class Certificate
    *
    * @return The hash code.
    */
+  @Override
   public int hashCode()
   {
     try
@@ -165,6 +167,7 @@ public abstract class Certificate
    *
    * @return The string.
    */
+  @Override
   public abstract String toString();
 
   /**
diff --git a/javax/security/cert/X509CertBridge.java b/javax/security/cert/X509CertBridge.java
index 36fc4202a..39fd44db8 100644
--- a/javax/security/cert/X509CertBridge.java
+++ b/javax/security/cert/X509CertBridge.java
@@ -1,5 +1,5 @@
 /* X509CertBridge.java -- bridge between JDK and JSSE cert APIs.
-   Copyright (C) 2004 Free Software Foundation, Inc.
+   Copyright (C) 2004, 2014 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -70,6 +70,7 @@ final class X509CertBridge extends X509Certificate
   // Instance methods.
   // -------------------------------------------------------------------------
 
+  @Override
   public byte[] getEncoded() throws CertificateEncodingException
   {
     try
@@ -82,6 +83,7 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public void verify(PublicKey key)
     throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
            NoSuchProviderException, SignatureException
@@ -96,6 +98,7 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public void verify(PublicKey key, String sigProvider)
     throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
            NoSuchProviderException, SignatureException
@@ -110,16 +113,19 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public String toString()
   {
     return cert.toString();
   }
 
+  @Override
   public PublicKey getPublicKey()
   {
     return cert.getPublicKey();
   }
 
+  @Override
   public void checkValidity()
     throws CertificateExpiredException, CertificateNotYetValidException
   {
@@ -137,6 +143,7 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public void checkValidity(Date date)
     throws CertificateExpiredException, CertificateNotYetValidException
   {
@@ -154,46 +161,55 @@ final class X509CertBridge extends X509Certificate
       }
   }
 
+  @Override
   public int getVersion()
   {
     return cert.getVersion();
   }
 
+  @Override
   public BigInteger getSerialNumber()
   {
     return cert.getSerialNumber();
   }
 
+  @Override
   public Principal getIssuerDN()
   {
     return cert.getIssuerDN();
   }
 
+  @Override
   public Principal getSubjectDN()
   {
     return cert.getSubjectDN();
   }
 
+  @Override
   public Date getNotBefore()
   {
     return cert.getNotBefore();
   }
 
+  @Override
   public Date getNotAfter()
   {
     return cert.getNotAfter();
   }
 
+  @Override
   public String getSigAlgName()
   {
     return cert.getSigAlgName();
   }
 
+  @Override
   public String getSigAlgOID()
   {
     return cert.getSigAlgOID();
   }
 
+  @Override
   public byte[] getSigAlgParams()
   {
     return cert.getSigAlgParams();
diff --git a/javax/security/sasl/Sasl.java b/javax/security/sasl/Sasl.java
index e77bdb86b..89e7588d2 100644
--- a/javax/security/sasl/Sasl.java
+++ b/javax/security/sasl/Sasl.java
@@ -1,5 +1,5 @@
 /* Sasl.java --
-   Copyright (C) 2003, 2004, 2005, 2014 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2004, 2005, 2014, 2015 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -416,13 +416,11 @@ public class Sasl
                   }
                 if (clazz == null)
                   continue;
-                else
-                  clazz = clazz.trim();
+		clazz = clazz.trim();
               }
 
             try
               {
-                result = null;
                 factory = (SaslClientFactory) Class.forName(clazz).newInstance();
                 result = factory.createSaslClient(mechanisms, authorizationID,
                                                   protocol, serverName, props, cbh);
@@ -610,12 +608,10 @@ public class Sasl
           }
         if (clazz == null)
           continue;
-        else
-          clazz = clazz.trim();
+	clazz = clazz.trim();
 
         try
           {
-            result = null;
             factory = (SaslServerFactory) Class.forName(clazz).newInstance();
             result =
               factory.createSaslServer(mechanism, protocol, serverName, props, cbh);
diff --git a/javax/security/sasl/SaslException.java b/javax/security/sasl/SaslException.java
index f4407e761..073dc0991 100644
--- a/javax/security/sasl/SaslException.java
+++ b/javax/security/sasl/SaslException.java
@@ -1,5 +1,5 @@
 /* SaslException.java
-   Copyright (C) 2003, 2005, Free Software Foundation, Inc.
+   Copyright (C) 2003, 2005, 2015, Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,16 +41,13 @@ package javax.security.sasl;
 import gnu.java.lang.CPStringBuilder;
 
 import java.io.IOException;
-import java.io.PrintStream;
-import java.io.PrintWriter;
-import java.io.Serializable;
 
 /**
  * This class represents an error that has occurred when using SASL.
  *
  * @since 1.5
  */
-public class SaslException extends IOException implements Serializable
+public class SaslException extends IOException
 {
 
   // Constants and variables
@@ -106,7 +103,7 @@ public class SaslException extends IOException implements Serializable
    */
   public SaslException(String detail, Throwable ex)
   {
-    super(detail);
+    super(detail, ex);
     _exception = ex;
   }
 
@@ -123,49 +120,23 @@ public class SaslException extends IOException implements Serializable
    *
    * @return the possibly <code>null</code> exception that caused this exception.
    */
+  @Override
   public Throwable getCause()
   {
     return _exception;
   }
 
   /**
-   * Prints this exception's stack trace to <code>System.err</code>. If this
-   * exception has a root exception; the stack trace of the root exception is
-   * also printed to <code>System.err</code>.
-   */
-  public void printStackTrace()
-  {
-    super.printStackTrace();
-    if (_exception != null)
-      _exception.printStackTrace();
-  }
-
-  /**
-   * Prints this exception's stack trace to a print stream. If this exception
-   * has a root exception; the stack trace of the root exception is also
-   * printed to the print stream.
-   *
-   * @param ps the non-null print stream to which to print.
-   */
-  public void printStackTrace(PrintStream ps)
-  {
-    super.printStackTrace(ps);
-    if (_exception != null)
-      _exception.printStackTrace(ps);
-  }
-
-  /**
-   * Prints this exception's stack trace to a print writer. If this exception
-   * has a root exception; the stack trace of the root exception is also
-   * printed to the print writer.
-   *
-   * @param pw the non-null print writer to use for output.
+   * @inheritDoc
    */
-  public void printStackTrace(PrintWriter pw)
+  @Override
+  public Throwable initCause(Throwable cause)
   {
-    super.printStackTrace(pw);
-    if (_exception != null)
-      _exception.printStackTrace(pw);
+    super.initCause(cause);
+    // Sync our copy if the superclass one changed
+    if (super.getCause() == cause)
+      _exception = cause;
+    return this;
   }
 
   /**
@@ -178,6 +149,7 @@ public class SaslException extends IOException implements Serializable
    * @return the non-null string representation of this exception.
    * @see Throwable#getMessage()
    */
+  @Override
   public String toString()
   {
     CPStringBuilder sb = new CPStringBuilder(this.getClass().getName())