changeset 10275:0c72a0ace0db

Merge
author lana
date Thu, 10 Jul 2014 12:40:48 -0700
parents 2b88f21ec693 0083adcfd5ed
children 7f8294841146
files src/share/lib/security/BlacklistedCertsConverter.java src/share/lib/security/blacklisted.certs src/share/lib/security/blacklisted.certs.pem
diffstat 101 files changed, 2752 insertions(+), 1363 deletions(-) [+]
line wrap: on
line diff
--- a/make/CopyFiles.gmk	Thu Jul 10 12:13:26 2014 -0700
+++ b/make/CopyFiles.gmk	Thu Jul 10 12:40:48 2014 -0700
@@ -407,16 +407,11 @@
 
 ##########################################################################################
 
-BLACKLISTED_CERTS_SRC := $(JDK_TOPDIR)/src/share/lib/security/blacklisted.certs
-BLACKLISTED_CERTS_DST := $(JDK_OUTPUTDIR)/lib/security/blacklisted.certs
-
 ifndef OPENJDK
 
   BLACKLIST_SRC := $(JDK_TOPDIR)/src/closed/share/lib/security/blacklist
   BLACKLIST_DST := $(JDK_OUTPUTDIR)/lib/security/blacklist
 
-  BLACKLISTED_CERTS_SRC += $(wildcard $(JDK_TOPDIR)/src/closed/share/lib/security/blacklisted.certs)
-
   TRUSTEDLIBS_SRC := $(JDK_TOPDIR)/src/closed/share/lib/security/trusted.libraries
   TRUSTEDLIBS_DST := $(JDK_OUTPUTDIR)/lib/security/trusted.libraries
 
@@ -432,20 +427,6 @@
 
 endif
 
-$(BLACKLISTED_CERTS_DST): $(BLACKLISTED_CERTS_SRC)
-	$(MKDIR) -p $(@D)
-	$(CAT) $^ | $(SED) '/^$$/d' | $(SORT) | $(UNIQ) > $@.tmp
-	$(GREP) -i Algorithm $@.tmp > $@
-	if [ `$(SED) -n -e "$$=" $@` != 1 ]; then \
-	   $(ECHO) "Different algorithms defined in $^"; \
-	   $(RM) $@ $@.tmp; \
-	   false; \
-	fi
-	$(GREP) -iv Algorithm $@.tmp >> $@
-	$(RM) $@.tmp
-
-COPY_FILES += $(BLACKLISTED_CERTS_DST)
-
 ##########################################################################################
 
 ifndef OPENJDK
--- a/make/GenerateData.gmk	Thu Jul 10 12:13:26 2014 -0700
+++ b/make/GenerateData.gmk	Thu Jul 10 12:40:48 2014 -0700
@@ -50,6 +50,9 @@
 include gendata/GendataHtml32dtd.gmk
 GENDATA += $(GENDATA_HTML32DTD)
 
+include gendata/GendataBlacklistedCerts.gmk
+GENDATA += $(GENDATA_BLACKLISTED_CERTS)
+
 ##########################################################################################
 
 GENDATA_UNINAME := $(JDK_OUTPUTDIR)/classes/java/lang/uniName.dat
--- a/make/Tools.gmk	Thu Jul 10 12:13:26 2014 -0700
+++ b/make/Tools.gmk	Thu Jul 10 12:40:48 2014 -0700
@@ -87,6 +87,9 @@
 TOOL_TZDB = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \
     build.tools.tzdb.TzdbZoneRulesCompiler
 
+TOOL_BLACKLISTED_CERTS = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \
+    build.tools.blacklistedcertsconverter.BlacklistedCertsConverter
+
 
 # TODO: There are references to the jdwpgen.jar in jdk/make/netbeans/jdwpgen/build.xml
 # and nbproject/project.properties in the same dir. Needs to be looked at.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/data/blacklistedcertsconverter/blacklisted.certs.pem	Thu Jul 10 12:40:48 2014 -0700
@@ -0,0 +1,727 @@
+#! java BlacklistedCertsConverter SHA-256
+
+# The line above must be the first line of the blacklisted.certs.pem
+# file inside src/share/lib/security/. It will be ignored if added in
+# src/closed/share/lib/security/blacklisted.certs.pem.
+
+// Subject: CN=Digisign Server ID (Enrich),
+//          OU=457608-K,
+//          O=Digicert Sdn. Bhd.,
+//          C=MY
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120001705 (07:27:14:a9)
+-----BEGIN CERTIFICATE-----
+MIIDyzCCAzSgAwIBAgIEBycUqTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA3MDcxNzE1MTc0OFoXDTEyMDcxNzE1MTY1NFowYzELMAkG
+A1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNkbi4gQmhkLjERMA8GA1UECxMI
+NDU3NjA4LUsxJDAiBgNVBAMTG0RpZ2lzaWduIFNlcnZlciBJRCAoRW5yaWNoKTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArahkS02Hx4RZufuQRqCmicDx/tXa
+VII3DZkrRSYK6Fawf8qo9I5HhAGCKeOzarWR8/uVhbxyqGToCkCcxfRxrnt7agfq
+kBRPjYmvlKuyBtQCanuYH1m5Os1U+iDfsioK6bjdaZDAKdNO0JftZszFGUkGf/pe
+LHx7hRsyQt97lSUCAwEAAaOCAXgwggF0MBIGA1UdEwEB/wQIMAYBAf8CAQAwXAYD
+VR0gBFUwUzBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcCARYtaHR0cDovL2N5YmVy
+dHJ1c3Qub21uaXJvb3QuY29tL3JlcG9zaXRvcnkuY2ZtMAcGBWCDSgEBMA4GA1Ud
+DwEB/wQEAwIB5jCBiQYDVR0jBIGBMH+heaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
+bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
+b3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0
+LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFMYWk04WF+wW
+royUdvOGbcV0boR3MA0GCSqGSIb3DQEBBQUAA4GBAHYAe6Z4K2Ydjl42xqSOBfIj
+knyTZ9P0wAp9iy3Z6tVvGvPhSilaIoRNUC9LDPL/hcJ7VdREgr5trGeOvLQfkpxR
+gBoU9m6rYYgLrRx/90tQUdZlG6ZHcRVesHHzNRTyN71jyNXwk1o0X9g96F33xR7A
+5c8fhiSpPAdmzcHSNmNZ
+-----END CERTIFICATE-----
+
+// Subject: CN=Digisign Server ID - (Enrich),
+//          OU=457608-K,
+//          O=Digicert Sdn. Bhd.,
+//          C=MY
+// Issuer:  CN=Entrust.net Certification Authority (2048)
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),
+//          O=Entrust.net
+// Serial:  1184644297 (4c:0e:63:6a)
+-----BEGIN CERTIFICATE-----
+MIIEzjCCA7agAwIBAgIETA5jajANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
+RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
+bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
+IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMDA3MTYxNzIzMzdaFw0xNTA3
+MTYxNzUzMzdaMGUxCzAJBgNVBAYTAk1ZMRswGQYDVQQKExJEaWdpY2VydCBTZG4u
+IEJoZC4xETAPBgNVBAsTCDQ1NzYwOC1LMSYwJAYDVQQDEx1EaWdpc2lnbiBTZXJ2
+ZXIgSUQgLSAoRW5yaWNoKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AMWJ5PQNBkCSWccaszXRDkwqM/n4r8qef+65p21g9FTob9Wb8xtjMQRoctE0Foy0
+FyyX3nPF2JAVoBor9cuzSIZE8B2ITM5BQhrv9Qze/kDaOSD3BlU6ap1GwdJvpbLI
+Vz4po5zg6YV3ZuiYpyR+vsBZIOVEb7ZX2L7OwmV3WMZhQdF0BMh/SULFcqlyFu6M
+3RJdtErU0a9Qt9iqdXZorT5dqjBtYairEFs+E78z4K9EnTgiW+9ML6ZxJhUmyiiM
+2fqOjqmiFDXimySItPR/hZ2DTwehthSQNsQ0HI0mYW0Tb3i+6I8nx0uElqOGaAwj
+vgvsjJQAqQSKE5D334VsDLECAwEAAaOCATQwggEwMA4GA1UdDwEB/wQEAwIBBjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcD
+AgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v
+b2NzcC5lbnRydXN0Lm5ldDBEBgNVHSAEPTA7MDkGBWCDSgEBMDAwLgYIKwYBBQUH
+AgEWImh0dHA6Ly93d3cuZGlnaWNlcnQuY29tLm15L2Nwcy5odG0wMgYDVR0fBCsw
+KTAnoCWgI4YhaHR0cDovL2NybC5lbnRydXN0Lm5ldC8yMDQ4Y2EuY3JsMBEGA1Ud
+DgQKBAhMTswlKAMpgTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDAN
+BgkqhkiG9w0BAQUFAAOCAQEAl0zvSjpJrHL8MCBrtClbp8WVBJD5MtXChWreA6E3
++YkAsFqsVX7bQzX/yQH4Ub7MJsrIaqTEVD4mHucMo82XZ5TdpkLrXM2POXlrM3kh
+Bnn6gkQVmczBtznTRmJ8snDrb84gqj4Zt+l0gpy0pUtNYQA35IfS8hQ6ZHy4qXth
+4JMi59WfPkfmNnagU9gAAzoPtTP+lsrT0oI6Lt3XSOHkp2nMHOmZSufKcEXXCwcO
+mnUb0C+Sb/akB8O9HEumhLZ9qJqp0qcp8QtXaR6XVybsK0Os1EWDBQDp4/BGQAf6
+6rFRc5Mcpd1TETfIKqcVJx20qsx/qjEw/LhFn0gJ7RDixQ==
+-----END CERTIFICATE-----
+
+// Subject: CN=Java Media APIs,
+//          OU=Java Signed Extensions,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  6a:8b:99:91:37:59:4f:89:53:e2:97:18:9f:19:1e:4e
+-----BEGIN CERTIFICATE-----
+MIIFdzCCBF+gAwIBAgIQaouZkTdZT4lT4pcYnxkeTjANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDUxMjAw
+MDAwMFoXDTEyMDUxMTIzNTk1OVowfTEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
+cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
+CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEYMBYGA1UEAxQPSmF2YSBNZWRpYSBB
+UElzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5blzoKTVE8y4Hpz
+q6E15RZz1bF5HnYEyYqgHkZXnAKedmYCoMzm1XK8s+gQWShLEvGEAvs5yqarx9gE
+nnC21N28aEZgIJMa2/arKxCUkS4pxdGPYGexL9UzSRkUpoBShCZKEGdmX7gfJE2K
+/sd9MFvGV5/yZtWXrADzvm0Kd/9mg1KRv1gfrZIq0TJbupoXPYYqb73AkI9eT2ZD
+q9MdwD4E5+oojsDFXt8GU/D00fUhtXpYwuplU7D667WHYdJhIah0ST6JywyqcLXG
+XSuFTXOgITT2idSHluZVmx3dqJ72u9kPkO4JdJTMDfaK8zgNLaRkiU8Qcj+qhLYH
+ytaqcwIDAQABo4IB6jCCAeYwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwfwYD
+VR0fBHgwdjB0oHKgcIZuaHR0cDovL29uc2l0ZWNybC52ZXJpc2lnbi5jb20vU3Vu
+TWljcm9zeXN0ZW1zSW5jQ29ycG9yYXRlT2JqZWN0U2lnbmluZ0phdmFTaWduZWRF
+eHRlbnNpb25zQ2xhc3NCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAUs0crgn5T
+tHPKuLsZt76BTQeVx+0wHQYDVR0OBBYEFKS32mVx0gNWTeS4ProHEaeSpvvIMDsG
+CCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29uc2l0ZS1vY3NwLnZl
+cmlzaWduLmNvbTCBtQYDVR0gBIGtMIGqMDkGC2CGSAGG+EUBBxcCMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwbQYLYIZIAYb3AIN9
+nD8wXjAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cuc3VuLmNvbS9wa2kvY3BzMDMG
+CCsGAQUFBwICMCcaJVZhbGlkYXRlZCBGb3IgU3VuIEJ1c2luZXNzIE9wZXJhdGlv
+bnMwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAAe6BO4W
+3TSNWfezyelJs6kE3HfulT6Bdyz4UUoh9ykXcV8nRwT+kh25I5MdyG2GfkJoADPR
+VhC5DYo13UFpIsTNVjq+hGYe2hML93bN7ad9SxCCyjHUo3yMz2qgBbHZI3VA9ZHA
+aWM4Tx0saMwbcnVvlbuGh+PXvStfypJqYT6lzcdFfjNVX4FI/QQNGhBswMY51tC8
+GTBCL2qhJon0gSCU4zaawDOf7+XxJWirLamYL1Aal1/h2z2sFrvA/1ftxtU3kZ6I
+7De8DyoHeZg7pYGdrj7g+lPhCga/WvEhN152I+aP08YbFcJHYmK05ngl/Ye4c6Bd
+cdrdfbw6QzEUIYY=
+-----END CERTIFICATE-----
+
+// Subject: CN=JavaFX 1.0 Runtime,
+//          OU=Java Signed Extensions,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  55:c0:e6:44:59:59:79:9e:d9:26:f1:b0:4a:1e:f0:27
+-----BEGIN CERTIFICATE-----
+MIIFezCCBGOgAwIBAgIQVcDmRFlZeZ7ZJvGwSh7wJzANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA4MTAwOTAw
+MDAwMFoXDTExMTAwOTIzNTk1OVowgYAxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
+bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxHzAdBgNV
+BAsUFkphdmEgU2lnbmVkIEV4dGVuc2lvbnMxGzAZBgNVBAMUEkphdmFGWCAxLjAg
+UnVudGltZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+WDc6+bu+4
+tmAcS/lBtUc02WOt9QZpVsXg9cG2pu/8bUtmDELa8iiYBVFpIs8DU58HLrGQtCUY
+SIAGOVPsOJoN29UKCDWfY9j5JeVhfhMGqk9DwrWhzgsjy4cpZ1pIp+k/fJ8zT8Ul
+aYLpow1vg3UNddsmwz02tN7cOrMw9WYIG4CRYnY1OrtJSfe2pYzheC4zyvR+aiVl
+nang2OtqikSQsNFOFHsLOJFxngy9LrO8evDSu25VTKI6zlWU6/bMeqtztJPN0VOn
+NyUrJZvkxZ207Jg0T693BGSxNC1n+ihztXogql8950M/pEuUbDjylv5FFvlp6DSB
+dDT2MkutmyMCAwEAAaOCAeowggHmMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgeA
+MH8GA1UdHwR4MHYwdKByoHCGbmh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29t
+L1N1bk1pY3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdKYXZhU2ln
+bmVkRXh0ZW5zaW9uc0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaAFLNH
+K4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBTjgufVi3XJ3gx1ewsA6Rr7BR4Z
+zjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUtb2Nz
+cC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAqMCgG
+CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CGSAGG
+9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtpL2Nw
+czAzBggrBgEFBQcCAjAnGiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBPcGVy
+YXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IBAQAB
+YVJTTVe7rzyTO4jc3zajErOT/COkdQTfNo0eIX1QbNynFieJvwY/jRzUZwjktIFR
+2p4JtbpHGAtKtjOAOTieQ8xdDOoC1djzpE7/AbMvuvlTavtUKT+F7tPdhfXgWXJV
+6Wbt8jryKyk3zZGiEhauIwZUkfjRkEtffEmZWLUd8c8rURJjfC/XHH2oyurscoxc
+CjX29c9ynxSiS/VvQp1an0HvErGh69N48wj7cj8mtZ1yHzd2XCzSSR1OfTPfk0Pt
+yg51p7yJaFiH21PTZegEL6zyVNOYBTKwwIi2OzpwYalD3uvK6e3OKDrfFCOxu17u
+4PveESbrdyrmvLe7IVez
+-----END CERTIFICATE-----
+
+// Subject: CN=JavaFX Runtime,
+//          OU=Java Signed Extensions,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  47:f4:55:f1:da:4a:5e:f9:e3:f7:a8:03:62:17:c0:ff
+-----BEGIN CERTIFICATE-----
+MIIFdjCCBF6gAwIBAgIQR/RV8dpKXvnj96gDYhfA/zANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDEyOTAw
+MDAwMFoXDTEyMDEyOTIzNTk1OVowfDEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
+cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
+CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEXMBUGA1UEAxQOSmF2YUZYIFJ1bnRp
+bWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIzd0fAk8mI9ONc6RJ
+aGieioK2FLdXEwj8zL3vdGDVmBwyR1zwYkaOIFFgF9IW/8qc4iAYA5sGUY+0g8q3
+5DuYAxfTzBB5KdaYvbuq6GGnoHIWmTirXY+1friFp8lyXSvtuEaGB1VHaBoZchEg
+k+UgeVDA43dHwcT1Ov3DePczJRUes8T/QHzLX+BxUDG43vjyncCEO/AjqLZxXEz2
+xrNbKLcH3lGMJK7hdbfssUfF5BjC38Hn71HauYlA43b2no+2y0Sjulwzez2YPbDC
+0GLR3TnKtA8dqOrnl5t3DniDbfOBNtBE3VOydJO0XW57Ng1HRXD023nm9ECPY2xp
+0N/pAgMBAAGjggHqMIIB5jAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDB/BgNV
+HR8EeDB2MHSgcqBwhm5odHRwOi8vb25zaXRlY3JsLnZlcmlzaWduLmNvbS9TdW5N
+aWNyb3N5c3RlbXNJbmNDb3Jwb3JhdGVPYmplY3RTaWduaW5nSmF2YVNpZ25lZEV4
+dGVuc2lvbnNDbGFzc0IvTGF0ZXN0Q1JMLmNybDAfBgNVHSMEGDAWgBSzRyuCflO0
+c8q4uxm3voFNB5XH7TAdBgNVHQ4EFgQUvOdd0cKPj+Yik/iOBwTdphh5A+gwOwYI
+KwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb25zaXRlLW9jc3AudmVy
+aXNpZ24uY29tMIG1BgNVHSAEga0wgaowOQYLYIZIAYb4RQEHFwIwKjAoBggrBgEF
+BQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTBtBgtghkgBhvcAg32c
+PzBeMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5zdW4uY29tL3BraS9jcHMwMwYI
+KwYBBQUHAgIwJxolVmFsaWRhdGVkIEZvciBTdW4gQnVzaW5lc3MgT3BlcmF0aW9u
+czATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQUFAAOCAQEAbGcf2NjL
+AI93HG6ny2BbepaZA1a8xa/R6uUc7xV+Qw6MgLwFD4Q4i6LWUztQDvg9l68MM2/i
+Y9LEi1KM4lcNbK5+D+t9x98wXBiuojXhVdp5ZmC03EyEBbriopdBsmXVLDSu/Y3+
+zowOO5xwpMK3dbgsSDs2Vt0UosD3FTcRaD3GNfOhXMp+o1grHNiXF9YgkmdQbPPZ
+DQ2KBhFPCRJXBGvyKOqno/DTg0sQ3crGH/C4/4t7mnQXWldZotmJUZ0ONc9oD+Q1
+JAaguUKqIwn9yZ093ie+JWHbYNid9IIIPXYgtRxmf9a376WBhqhu56uJftBJ7x9g
+eQ7Lot6CSWCiFw==
+-----END CERTIFICATE-----
+
+// Subject: CN=Solaris INTERNAL DEVELOPMENT USE ONLY,
+//          OU=Solaris Cryptographic Framework,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  77:29:77:52:6a:19:7b:9a:a6:a2:c7:99:a0:e1:cd:8c
+-----BEGIN CERTIFICATE-----
+MIIFHjCCBAagAwIBAgIQdyl3UmoZe5qmoseZoOHNjDANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA3MDEwNDAw
+MDAwMFoXDTEwMDEwMzIzNTk1OVowgZwxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
+bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxKDAmBgNV
+BAsUH1NvbGFyaXMgQ3J5cHRvZ3JhcGhpYyBGcmFtZXdvcmsxLjAsBgNVBAMUJVNv
+bGFyaXMgSU5URVJOQUwgREVWRUxPUE1FTlQgVVNFIE9OTFkwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBALbNU4hf3mD5ArDI9pjgioAyvV3bjMPRQdCZniIeGJBp
+odFlSEH+Mh64W1DsY8coeZ7FvvGJkx9IpTMJW9k8w1oJK9UNqHyAQfaYjQyXi3xQ
+LJp62EvYdGfDlwOZejEcR/MbzZG+GOPMMvQj5+xyFDvLXNGfQNTnxw2qnBgCJXjj
+AgMBAAGjggH1MIIB8TAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDCBiQYDVR0f
+BIGBMH8wfaB7oHmGd2h0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1N1bk1p
+Y3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdTb2xhcmlzQ3J5cHRv
+Z3JhcGhpY0ZyYW1ld29ya0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaA
+FLNHK4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBRpfiGYkehTnsIzuN2H6AFb
+VCZG8jA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUt
+b2NzcC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAq
+MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CG
+SAGG9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtp
+L2NwczAzBggrBgEFBQcCAjAnFiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBP
+cGVyYXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IB
+AQCG5soy3LFHTFbA8/5SzDRhQoJkHUnOP0t3b6nvX6vZYRp649fje7TQOPRm1pFd
+CZ17J+tggdZwgzTqY4aYpJ00jZaK6pV37q/vgFC/ia6jDs8Q+ly9cEcadBZ5loYg
+cmxp9p57W2MNWx8VA8oFdNtKfF0jUNXbLNtvwGHmgR6YcwLrGN1b6/9Lt9bO3ODl
+FO+ZDwkfQz5ClUVrTx2dGBvKRYFqSG5S8JAfsgYhPvcacUQkA7ExyKvfRXLWVrce
+ZiPpcElbx+819H2sAPvVvparVeAruZGMAtejHZp9NFoowKen5drJp9VxePS4eM49
+3DepB6lKRrNRw66LNQol4ZBz
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl, CN=DigiNotar Cyber CA,
+//          O=DigiNotar, C=NL
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120000525 (07:27:10:0D)
+-----BEGIN CERTIFICATE-----
+MIIFWjCCBMOgAwIBAgIEBycQDTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MTAwNDEwNTQxMVoXDTExMTAwNDEwNTMxMVowYDELMAkG
+A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
+IEN5YmVyIENBMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P8
+9DS5+SxD52ATPXrjss87Z2yQrcC5P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXy
+XUte0dmHutZ9fPXOMp8QM8WxSrtekTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCI
+A6U/i5kTYUO1m4Kz7iBvz6FEouova0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpc
+SQhdvd5wQbEPyWNr0380dAIvNFp4dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtB
+pcmM5r3qSLYFFgizNxJa92E89zhvLpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2V
+VgIKgmCyc0XgMyZRdJq51FAc9k1bW1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJ
+NEH3gW8/nsl8dVWw58Gzd+jDxAA1lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6
+uc8kpmp/3mQiRFhogmoQ+T3lPhu5vfwi9GAEibtVbShV+t6OjRshFNc3izR7Tfay
+shDPM7F9HGKZSMsrbHaWVb8ZDR0fu2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0
+fc1zvrPtTsHR7VJej/e4142HrbLZG1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kU
+xbHuWUOV36toKDA/AgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMG
+A1UdIARMMEowSAYJKwYBBAGxPgEAMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cu
+cHVibGljLXRydXN0LmNvbS9DUFMvT21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMC
+AQYwgaAGA1UdIwSBmDCBlYAUpgwdn2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJ
+BgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdU
+RSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVy
+VHJ1c3QgR2xvYmFsIFJvb3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93
+d3cucHVibGljLXRydXN0LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYD
+VR0OBBYEFKv5aN/PSjfXe0WMX3LeQETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9o
+a6VbB7pEZg4cqFwwezPkCiYE/O+eGjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4
+BJ98UAHV42mv7xXSRZskCSpmBU8lgcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE
+9r1TgSOWPbT6MopTZkQloiXGpjwljPDgKAYityZB
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120000505 (07:27:0F:F9)
+-----BEGIN CERTIFICATE-----
+MIIFODCCBKGgAwIBAgIEBycP+TANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MDkyMDA5NDUzMloXDTEzMDkyMDA5NDQwNlowPjELMAkG
+A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
+IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
+XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
+tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
+24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
+naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
+9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
+LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
+Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
+vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
+3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
+eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
+iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
+/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
+ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
+MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
+jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
+bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
+VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
+oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
+MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
+hvcNAQEFBQADgYEACcpiD427SuDUejUrBi3RKGG2rAH7g0m8rtQvLYauGYOl1h0T
+4he+/jJ06XoUOMqUXvcpAWlxG5Ea/aO7qh3Ke+IW/aGjDvMMX7LhIDGUK16Sdu36
+6bUjpr8KOwOpb1JgVM1f6bcvfKIn/UGDdbYN+3gm87FF6TKVKho1IZXFonU=
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120000515 (07:27:10:03)
+-----BEGIN CERTIFICATE-----
+MIIFODCCBKGgAwIBAgIEBycQAzANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MDkyNzEwNTMzMloXDTExMDkyNzEwNTIzMFowPjELMAkG
+A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
+IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
+XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
+tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
+24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
+naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
+9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
+LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
+Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
+vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
+3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
+eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
+iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
+/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
+ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
+MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
+jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
+bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
+VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
+oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
+MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
+hvcNAQEFBQADgYEAWcyGZhizJlRP1jjNupZey+yZG6oMDW4Z11boriMHbYPCndBE
+bVh07zmPbZsihOw9w/vm5KbVX5CgxUv4Rhzh/20Faixf3P3bpWg0qgzHVVusNVR/
+P50aKkpdK3hp+QLl56e+lWOddSAINIpmcuyDI1hyuzB+GJEASm9tNU/6rs8=
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl,
+//          CN=DigiNotar Root CA,
+//          O=DigiNotar, C=NL
+// Issuer:  CN=Entrust.net Secure Server Certification Authority
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
+//          O=Entrust.net,
+//          C=US,
+// Serial:  1184644297 (46:9C:3C:C9)
+-----BEGIN CERTIFICATE-----
+MIIFSDCCBLGgAwIBAgIERpw8yTANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA0
+MjYwNTAwMDBaFw0xMzA4MTQyMDEyMzZaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
+EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
+hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
+OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
+hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
+gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
+IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
+BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
+Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
+5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
+DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
+9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
+7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
+ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
+BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
+BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
+VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
+bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
+A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
+BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAI979rBep8tu3TeLunapgsZ0jtXp
+GDFjKWSk87dj1jCyYi+q/GyDyZ6ZQZNRP0sF+6twscq05lClWNy3TROMp7QeuoLO
+G7Utw3OJaswUtp4YglANMRTHEe3g9ltifUXRH5tSuy7u6yi4LD4WTm5ULP6r/g6l
+0CnjXYb0+b1Fmz6U
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl,
+//          CN=DigiNotar Root CA,
+//          O=DigiNotar, C=NL
+// Issuer:  CN=Entrust.net Secure Server Certification Authority
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
+//          O=Entrust.net,
+//          C=US,
+// Serial:  1184640175 (46:9C:2C:AF)
+-----BEGIN CERTIFICATE-----
+MIIFSDCCBLGgAwIBAgIERpwsrzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
+MjYxNTU3MzlaFw0xMzA4MjYxNjI3MzlaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
+EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
+hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
+OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
+hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
+gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
+IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
+BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
+Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
+5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
+DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
+9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
+7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
+ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
+BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
+BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
+VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
+bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
+A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
+BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAEa6RcDNcEIGUlkDJUY/pWTds4zh
+xbVkp3wSmpwPFhx5fxTyF4HD2L60jl3aqjTB7gPpsL2Pk5QZlNsi3t4UkCV70UOd
+ueJRN3o/LOtk4+bjXY2lC0qTHbN80VMLqPjmaf9ghSA9hwhskdtMgRsgfd90q5QP
+ZFdYf+hthc3m6IcJ
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,
+//          O=DigiNotar B.V.,
+//          C=NL
+// Issuer:  CN=Staat der Nederlanden Organisatie CA - G2,
+//          O=Staat der Nederlanden,
+//          C=NL
+// Serial:  20001983 (01:31:34:bf)
+-----BEGIN CERTIFICATE-----
+MIIGnDCCBISgAwIBAgIEATE0vzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTIwMAYDVQQDDClTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xMDA1MTIw
+ODUxMzhaFw0yMDAzMjMwOTUwMDRaMFoxCzAJBgNVBAYTAk5MMRcwFQYDVQQKDA5E
+aWdpTm90YXIgQi5WLjEyMDAGA1UEAwwpRGlnaU5vdGFyIFBLSW92ZXJoZWlkIENB
+IE9yZ2FuaXNhdGllIC0gRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQCxExkPJ+Zs1FWGS9DsiYpFkXisR71HK+T8RetPtCZzWzfTw3/2497Xo/gtaMUI
+PkuU1uSHJTZrhLUYdPMoWHMvm2rPvAQe9t7dr/xLqvXbZmIlASWC3vKXWhBu3V2p
+IrEEqSNzOvhxrR3PhETrR9Gvbch8KKvH8jd6dF9fxQIUiqNa4xtsAeNdjtlo1vQJ
+GzLckbUs9SDrjANtJkm4k8SFXdjSm69WaswFM8ygQp40VUSca6DUEtArVM23iQ3l
+9uvo+4UBM096a/GdcjOWDveyhKWlJ8Qn8VFzKXe6Z27+TNy04qGhgS85SY1DOBPO
+0KVcwoc6AGdlQiPxNlkKHaNRyLyjlCox3+M88p0aPASw77EKMBNzttfzo0wBdRSF
+eMDXijlYhVD6LubFvs+LP6+PNtQlCS3SD6xyk/K/i9RQs/kVUJuZ9RTZ+4uRozIm
+JqD43ztggYaDeVsr6xM9KTrBbd29no6H1kquNJcF7hSm9tw4fkrpJFQHPZdoN0Zr
+DceoIa8TVOQJavFNRgrJXfubT73e+7dUy7g4nKc5+2otwHuNq6WnV+xKkoozxeEg
+XHPYkJIrgNUPhhhpfDlPhIa890xb89W0yqDC8DciynlSH1PmqvOQsDvd8ij9rOvF
+BiSgydQvD1j9tZ7sD8+yWdCiBHo4aq5y+73wJWKUCacFCwIDAQABo4IBYTCCAV0w
+SAYDVR0gBEEwPzA9BgRVHSAAMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZGln
+aW5vdGFyLm5sL2Nwcy9wa2lvdmVyaGVpZDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjCBhQYDVR0jBH4wfIAUORCLSZJc22ESIM1JnRqO2pxnQLmhXqRc
+MFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4x
+KzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzKCBACY
+lvQwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9E
+b21PcmdhbmlzYXRpZUxhdGVzdENSTC1HMi5jcmwwHQYDVR0OBBYEFLxdlDvZq3sD
+JXNhwtst7vyrj2WhMA0GCSqGSIb3DQEBCwUAA4ICAQCP/C1Mt9kt1R+978v0t2gX
+dZ1O1ffdnPEqJu2forYcA9VTs+wIzzTi48P0tRYvyMO+19NzqwA2+RpKftZj6V5G
+uqW2jhW3oyrYQx3vXcgfgYWzi/f/PPTZ9EYIP5y8HaDZqEzNJVJOCrEg9x/pQ9lU
+RoETmsBedGwqmDLq/He7DaWiMZgifnx859qkrey3LhoZcfhIUNpDjyyE3cFAJ+O1
+8BVOltT4XOOGKUYr1zsH6zh/yIZXl9PvKjPEF1DVZGlrK2tFXl0vF8paTs/D1zk8
+9TufRrmb5w5Jl53W1eMbD+qPAU6aE5RZCgIHSEsaYKt/T+0L2FUNaG9VnGllFULs
+wNzdbKzDFs4LHVabpMTE0i7gD+JEJytQaaTcYuiKISlCbMwAOpZ2m+9AwKRed4Qy
+bCYqOWauXeO5ubIsaB8empADOfCqs6TMSYsYNOk3yXspx4R8b0QVL+xhWQTJRcui
+1lKifH8pktZKxYtCqNT+6tjHhyMY5J16fXNAUpigrm7jBT8FD+Clxm1N7YM3iJzH
+89xCmmq21yFJNnfy7xhPxXDZnunetyuL9Lx+KN8NQMmFXK6dxTH/0FwOtah+8Okv
+uq+IruW10Vilr5xxpykBkINpN4IFuvwJwQhujHg7wzMCgD9EhQgd31VWCK0shS1d
+sQPhrqp0xaTzTro3mHuCuQ==
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,
+//          O=DigiNotar B.V.,
+//          C=NL
+// Issuer:  CN=Staat der Nederlanden Overheid CA
+//          O=Staat der Nederlanden,
+//          C=NL
+// Serial:  20015536 (01:31:69:b0)
+-----BEGIN CERTIFICATE-----
+MIIEiDCCA3CgAwIBAgIEATFpsDANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
+TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDcwNzA1MDg0MjA3WhcN
+MTUwNzI3MDgzOTQ2WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
+IEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
+ZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc
+vdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6HVcg+uwQ5
+AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalkLU3DL7nn
+UNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rmMgeUVAVT
+Q+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ/aB2jKx+
+ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC36esgl3H
+aLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0GBFUdIAAw
+NTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3BzL3BraW92
+ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGABgNVHSME
+eTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMCTkwxHjAc
+BgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3RhYXQgZGVy
+IE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCgLoYsaHR0
+cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmwwHQYDVR0O
+BBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IBAQAMlIca
+v03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+mriXiRWsi
+D7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X5HNhIxMm
+cUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZhzizDXMU
+5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro5Ij76eUv
+BjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkegllYOQJBR
+RKwa/fHuhR/3Qlpl
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar PKIoverheid CA Overheid
+//          O=DigiNotar B.V.,
+//          C=NL
+// Issuer:  CN=Staat der Nederlanden Overheid CA
+//          O=Staat der Nederlanden,
+//          C=NL
+// Serial:  20006006 (01:31:44:76)
+-----BEGIN CERTIFICATE-----
+MIIEezCCA2OgAwIBAgIEATFEdjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
+TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDQwNjI0MDgxOTMyWhcN
+MTAwNjIzMDgxNzM2WjBSMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
+IEIuVi4xKjAoBgNVBAMTIURpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
+ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSlrubta5tlOjVCi/gb
+yLCvRqfBjxG8H594VcKHu0WAYc99SPZF9cycj5mw2GyfQvy/WIrGrL4iyNq1gSqR
+0QA/mTXKZIaPqzpDhdm+VvrKkmjrbZfaQxgMSs3ChtBsjcP9Lc0X1zXZ4Q8nBe3k
+BTp+zehINfmbjoEgXLxsMR5RQ6GxzKjuC04PQpbJQgTIakglKaqYcDDZbEscWgPV
+Hgj/2aoHlj6leW/ThHZ+O41jUguEmBLZA3mu3HrCfrHntb5dPt0ihzSx7GtD/SaX
+5HBLxnP189YuqMk5iRA95CtiSdKauvon/xRKRLNgG6XAz0ctSoY7xLDdiBVU5kJd
+FScCAwEAAaOCAVAwggFMMEgGA1UdIARBMD8wPQYEVR0gADA1MDMGCCsGAQUFBwIB
+FidodHRwOi8vd3d3LmRpZ2lub3Rhci5ubC9jcHMvcGtpb3ZlcmhlaWQwDwYDVR0T
+AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgYAGA1UdIwR5MHeAFAuG1g93o2ix
++2QJw4huXAQcV+k9oVmkVzBVMQswCQYDVQQGEwJOTDEeMBwGA1UEChMVU3RhYXQg
+ZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g
+Um9vdCBDQYIEAJiaeTA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnBraW92
+ZXJoZWlkLm5sL0RvbU92TGF0ZXN0Q1JMLmNybDAdBgNVHQ4EFgQUvRaYQh2+kdE9
+wpcl4CjXWOC1f+IwDQYJKoZIhvcNAQEFBQADggEBAGhQsCWLiaN2EOhPAW+JQP6o
+XBOrLv5w6joahzBFVn1BiefzmlMKjibqKYxURRvMAsMkh82/MfL8V0w6ugxl81lu
+i42dcxl9cKSVXKMw4bbBzJ2VQI5HTIABwefeNuy/eX6idVwYdt3ajAH7fUA8Q9Cq
+vr6H8B+8mwoEqTVTEVlCSsC/EXsokYEUr06PPzRudKjDmijgj7zFaIioZNc8hk7g
+ufEgrs/tmcNGylrwRHgCXjCRBt2NHlZ08l7A1AGU8HcHlSbG9Un/2q9kVHUkps0D
+gtUaEK+x6jpAu/R8Ojezu/+ZEcwwjI/KOhG+84+ejFmtyEkrUdsAdEdLf/2dKsw=
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl,
+//          CN=DigiNotar Services 1024 CA
+//          O=DigiNotar, C=NL
+// Issuer:  CN=Entrust.net Secure Server Certification Authority,
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
+//          O=Entrust.net,
+//          C=US
+// Serial:  1184640176 (46:9c:2c:b0)
+-----BEGIN CERTIFICATE-----
+MIIDzTCCAzagAwIBAgIERpwssDANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
+MjYxNTU5MDBaFw0xMzA4MjYxNjI5MDBaMGgxCzAJBgNVBAYTAk5MMRIwEAYDVQQK
+EwlEaWdpTm90YXIxIzAhBgNVBAMTGkRpZ2lOb3RhciBTZXJ2aWNlcyAxMDI0IENB
+MSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA2ptNXTz50eKLxsYIIMXZHkjsZlhneWIrQWP0iY1o2q+4
+lDaLGSSkoJPSmQ+yrS01Tc0vauH5mxkrvAQafi09UmTN8T5nD4ku6PJPrqYIoYX+
+oakJ5sarPkP8r3oDkdqmOaZh7phPGKjTs69mgumfvN1y+QYEvRLZGCTnq5NTi1kC
+AwEAAaOCASYwggEiMBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYB
+BQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwMwYI
+KwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l
+dDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L3NlcnZl
+cjEuY3JsMB0GA1UdDgQWBBT+3JRJDG/vXH/G8RKZTxZJrfuCZTALBgNVHQ8EBAMC
+AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowGQYJKoZIhvZ9B0EA
+BAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQADgYEAY3RqN6k/lpxmyFisCcnv
+9WWUf6MCxDgxvV0jh+zUVrLJsm7kBQb87PX6iHBZ1O7m3bV6oKNgLwIMq94SXa/w
+NUuqikeRGvWFLELHHe+VQ7NeuJWTpdrFKKqtci0xrZlrbP+MISevrZqRK8fdWMNu
+B8WfedLHjFW/TMcnXlEWKz4=
+-----END CERTIFICATE-----
+
+// Subject: CN=Buster Paper Comercial Ltda,
+//          O=Buster Paper Comercial Ltda,
+//          L=S?o Jos? Dos Campos,
+//          ST=S?o Paulo,
+//          C=BR
+// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
+//          OU=www.digicert.com,
+//          O=DigiCert Inc,
+//          C=US
+// Serial:  07:b4:4c:db:ff:fb:78:de:05:f4:26:16:72:a6:73:12
+-----BEGIN CERTIFICATE-----
+MIIGwzCCBaugAwIBAgIQB7RM2//7eN4F9CYWcqZzEjANBgkqhkiG9w0BAQUFADBv
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
+ZGUgU2lnbmluZyBDQS0xMB4XDTEzMDExNzAwMDAwMFoXDTE0MDEyMjEyMDAwMFow
+gY4xCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMR4wHAYDVQQHDBVT
+w6NvIEpvc8OpIERvcyBDYW1wb3MxJDAiBgNVBAoTG0J1c3RlciBQYXBlciBDb21l
+cmNpYWwgTHRkYTEkMCIGA1UEAxMbQnVzdGVyIFBhcGVyIENvbWVyY2lhbCBMdGRh
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0l6jWIpEfO2oUpVHpL
+HETj5lzivNb0S9jKHgGJax917czh81PnGTxwxFXd6gLJuy/XFHvmiSi8g8jzlymn
+2Ji5zQ3CPaz7nomJokSUDlMVJ2qYWtctw4jrdjuI4qtn+koXXUFkWjkf8h8251I4
+tUs7S49HE2Go5owCYP3byajj7fsFAYR/Xb7TdVtndkZsUB/YgOjHovyACjouaNCi
+mDiRyQ6zLLjZGiyeD65Yiseuhp5b8/BL5h1p7w76QYMYMVQNAdtDKut2R8MBpuWf
+Ny7Eoi0x/gm1p9X5Rcl5aN7K0G4UtTAJKbkuUfXddsyFoM0Nx8uo8SgNQ8Y/X5Jx
+BwIDAQABo4IDOTCCAzUwHwYDVR0jBBgwFoAUe2jOKarAF75JeuHlP9an90WPNTIw
+HQYDVR0OBBYEFFLZ3n5nt/Eer7n1bvtOqMb1qKO5MA4GA1UdDwEB/wQEAwIHgDAT
+BgNVHSUEDDAKBggrBgEFBQcDAzBzBgNVHR8EbDBqMDOgMaAvhi1odHRwOi8vY3Js
+My5kaWdpY2VydC5jb20vYXNzdXJlZC1jcy0yMDExYS5jcmwwM6AxoC+GLWh0dHA6
+Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9hc3N1cmVkLWNzLTIwMTFhLmNybDCCAcQGA1Ud
+IASCAbswggG3MIIBswYJYIZIAYb9bAMBMIIBpDA6BggrBgEFBQcCARYuaHR0cDov
+L3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsG
+AQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABD
+AGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABh
+AGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQBy
+AHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBn
+ACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABs
+AGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABp
+AG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBl
+AGYAZQByAGUAbgBjAGUALjCBggYIKwYBBQUHAQEEdjB0MCQGCCsGAQUFBzABhhho
+dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTAYIKwYBBQUHMAKGQGh0dHA6Ly9jYWNl
+cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRENvZGVTaWduaW5nQ0Et
+MS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPTTQvpOIikXI
+hTLnNbajaFRR5GhQpTzUNgBfF9VYSlNw/wMjpGsrh5RxaJCip52jbehmTgjMRhft
+jRYyml44PAVsCcR9uEoDpCZYpI1fHI1R+F8jd1C9rqprbSwwOG4xlg4SmvTHYs6e
+gBItQ/1p9XY+Sf4Wv1qOuOFL1qvV/5VyR2zdlOQCmKCeMgxt6a/tHLBDiAA67D44
+/vfdoNJl0CU2It0PO60jdCPFNWIRcxL+OSDqAoePeUC7xQ+JsTEIxuUE8+d6w6fc
+BV2mYb1flh22t46GLjh4gyo7xw3aL6L0L0jzlTT6IcEw6NIbaPbIKj/npQnHobYj
+XMuKLxbh7g==
+-----END CERTIFICATE-----
+
+// Subject: CN=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
+//          O=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
+//          L=S?o Paulo,
+//          ST=S?o Paulo,
+//          C=BR
+// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
+//          OU=www.digicert.com,
+//          O=DigiCert Inc,
+//          C=US
+// Serial:  0a:38:9b:95:ee:73:6d:d1:3b:c0:ed:74:3f:d7:4d:2f
+-----BEGIN CERTIFICATE-----
+MIIG4DCCBcigAwIBAgIQCjible5zbdE7wO10P9dNLzANBgkqhkiG9w0BAQUFADBv
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
+ZGUgU2lnbmluZyBDQS0xMB4XDTEyMTEwOTAwMDAwMFoXDTEzMTExNDEyMDAwMFow
+gasxCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMRMwEQYDVQQHDApT
+w6NvIFBhdWxvMTgwNgYDVQQKEy9CVVNURVIgQVNTSVNURU5DSUEgVEVDTklDQSBF
+TEVUUk9OSUNBIExUREEgLSBNRTE4MDYGA1UEAxMvQlVTVEVSIEFTU0lTVEVOQ0lB
+IFRFQ05JQ0EgRUxFVFJPTklDQSBMVERBIC0gTUUwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDAqNeEs5/B2CTXGjTOkUIdu6jV6qulOZwdw4sefHWYj1UR
+4z6zPk9kjpUgbnb402RFq88QtfInwddZ/wXn9OxMtDd/3TnC7HrhNS7ga79ZFL2V
+JnmzKHum2Yvh0q82QEJ9tHBR2X9VdKpUIH08Zs3k6cWWM1H0YX0cxA/HohhesQJW
+kwJ3urOIJiH/HeByDk8a1NS8safcCxk5vxvW4WvCg43iT09LeHY5Aa8abKw8lqVb
+0tD5ZSIjdmdj3TT1U37iAHLLRM2DXbxfdbhouUX1c5U1ZHAMA67HwjKiseOiDaHj
+NUGbC37C+cgbc9VVM/cURD8WvS0Kj6fQv7F2QtJDAgMBAAGjggM5MIIDNTAfBgNV
+HSMEGDAWgBR7aM4pqsAXvkl64eU/1qf3RY81MjAdBgNVHQ4EFgQU88EXKAyDsh30
+o9+Gu9a4xUy+FSMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMD
+MHMGA1UdHwRsMGowM6AxoC+GLWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9hc3N1
+cmVkLWNzLTIwMTFhLmNybDAzoDGgL4YtaHR0cDovL2NybDQuZGlnaWNlcnQuY29t
+L2Fzc3VyZWQtY3MtMjAxMWEuY3JsMIIBxAYDVR0gBIIBuzCCAbcwggGzBglghkgB
+hv1sAwEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9z
+c2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4A
+eQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQA
+ZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUA
+IABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAA
+YQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcA
+cgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIA
+aQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQA
+ZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMIGC
+BggrBgEFBQcBAQR2MHQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
+LmNvbTBMBggrBgEFBQcwAoZAaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp
+Z2lDZXJ0QXNzdXJlZElEQ29kZVNpZ25pbmdDQS0xLmNydDAMBgNVHRMBAf8EAjAA
+MA0GCSqGSIb3DQEBBQUAA4IBAQAei1QmiXepje8OIfo/WonD4MIXgpPr2dfRaquQ
+A8q63OpTRSveyqdQDCSPpDRF/nvO1Y30yksZvIH1tNBsW5LBdxAKN3lFdBlqBwtE
+Q3jHc0KVVYRJ0FBaGE/PJHmRajscdAhYIcMPhTga0u0tDK+wOHEq3993dfl6yHjA
+XHU2iW5pnk75ZoE39zALD5eKXT8ZXrET5c3XUFJKWA+XuGmdmyzqo0Au49PanBv9
+UlZnabYfqoMArqMS0tGSX4cGgi9/2E+pHG9BX4sFW+ZDumroOA2pxyMWEKjxePEL
+zCOfhbsRWdMLYepauaNZOIMZXmFwcrIl0TGMkTAtATz+XmZc
+-----END CERTIFICATE-----
+
+// Subject: CN=CLEARESULT CONSULTING INC., OU=Corporate IT,
+//          O=CLEARESULT CONSULTING INC., L=Austin, ST=TX, C=US
+// Issuer:  SERIALNUMBER=07969287,
+//          CN=Go Daddy Secure Certification Authority,
+//          OU=http://certificates.godaddy.com/repository,
+//          O="GoDaddy.com, Inc.",
+//          L=Scottsdale,
+//          ST=Arizona,
+//          C=US
+// Serial:  2b:73:43:2a:a8:4f:44
+-----BEGIN CERTIFICATE-----
+MIIFYjCCBEqgAwIBAgIHK3NDKqhPRDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
+BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
+BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
+aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
+IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
+ODcwHhcNMTIwMjE1MjEwOTA2WhcNMTQwMjE1MjEwOTA2WjCBjDELMAkGA1UEBgwC
+VVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xIzAhBgNVBAoMGkNMRUFS
+RVNVTFQgQ09OU1VMVElORyBJTkMuMRUwEwYDVQQLDAxDb3Jwb3JhdGUgSVQxIzAh
+BgNVBAMMGkNMRUFSRVNVTFQgQ09OU1VMVElORyBJTkMuMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAtIOjCKeAicull+7ZIzt0/4ya3IeXUFlfypqKMLkU
+IbKjn0P5uMj6VE3rlbZr44RCegxvdnR6umBh1c0ZXoN3o+yc0JKcKcLiApmJJ277
+p7IbLwYDhBXRQNoIJm187IOMRPIxsKN4hL91txn9jGBmW+9zKlJlNhR5R7vjwU2E
+jrH/6oqsc9EM2yYpfjlNv6+3jSwAYZCkSWr+27PQOV+YHKmIxtJjX0upFz5FdIrV
+9CCX+L2Kji1THOkSgG4QTbYxmEcHqGViWz8hXLeNXjcbEsPuIiAu3hknxRHfUTE/
+U0Lh0Ug1e3LrJu+WnxM2SmUY4krsZ22c0yWUW9hzWITIjQIDAQABo4IBhzCCAYMw
+DwYDVR0TAQH/BAUwAwEBADATBgNVHSUEDDAKBggrBgEFBQcDAzAOBgNVHQ8BAf8E
+BAMCB4AwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5LmNvbS9n
+ZHM1LTE2LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcCMDkwNwYIKwYBBQUH
+AgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8w
+gYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRk
+eS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku
+Y29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSMEGDAWgBT9
+rGEyk2xF1uLuhV+auud2mWjM5zAdBgNVHQ4EFgQUDtdeKqeN2QkcbEp1HovFieNB
+XiowDQYJKoZIhvcNAQEFBQADggEBAD74Agw5tvi2aBl4/f/s7/VE/BClzDsKMb9K
+v9qpeC45ZA/jelxV11HKbQnVF194gDb7D2H9OsAsRUy8HVKbXEcc/8dKvwOqb+BC
+2i/EmfjLgmCfezNFtLq8xcPxF3zIRc44vPrK0z4YZsaHdH+yTEJ51p5EMdTqaLaP
+4n5m8LX3RfqlQB9dYFe6dUoYZjKm9d/pIRww3VqfOzjl42Edi1w6dWmBVMx1NZuR
+DBabJH1vJ9Gd+KwxMCmBZ6pQPl28JDimhJhI2LNqU349uADQVV0HJosddN/ARyyI
+LSIQO7BnNVKVG9Iujf33bvPNeg0qNz5qw+rKKq97Pqeum+L5oKU=
+-----END CERTIFICATE-----
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/gendata/GendataBlacklistedCerts.gmk	Thu Jul 10 12:40:48 2014 -0700
@@ -0,0 +1,36 @@
+#
+# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+GENDATA_BLACKLISTED_CERTS_SRC := $(JDK_TOPDIR)/make/data/blacklistedcertsconverter/blacklisted.certs.pem
+GENDATA_BLACKLISTED_CERTS := $(JDK_OUTPUTDIR)/lib/security/blacklisted.certs
+
+ifndef OPENJDK
+	GENDATA_BLACKLISTED_CERTS_SRC += $(wildcard $(JDK_TOPDIR)/make/closed/data/blacklistedcertsconverter/blacklisted.certs.pem)
+endif
+ 
+$(GENDATA_BLACKLISTED_CERTS): $(BUILD_TOOLS) $(GENDATA_BLACKLISTED_CERTS_SRC)
+	$(ECHO) "Generating blacklisted certs"
+	$(MKDIR) -p $(@D)
+	($(CAT) $(GENDATA_BLACKLISTED_CERTS_SRC) | $(TOOL_BLACKLISTED_CERTS) > $@) || exit 1
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/src/classes/build/tools/blacklistedcertsconverter/BlacklistedCertsConverter.java	Thu Jul 10 12:40:48 2014 -0700
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package build.tools.blacklistedcertsconverter;
+
+import java.security.MessageDigest;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Collection;
+import java.util.Set;
+import java.util.TreeSet;
+
+
+/**
+ * Converts blacklisted.certs.pem from System.in to blacklisted.certs in
+ * System.out. The input must start with a #! line including the fingerprint
+ * algorithm. The output is sorted and unique.
+ */
+public class BlacklistedCertsConverter {
+
+    public static void main(String[] args) throws Exception {
+
+        byte[] pattern = "#! java BlacklistedCertsConverter ".getBytes();
+        String mdAlg = "";
+
+        for (int i=0; ; i++) {
+            int n = System.in.read();
+            if (n < 0) {
+                throw new Exception("Unexpected EOF");
+            }
+            if (i < pattern.length) {
+                if (n != pattern[i]) {
+                    throw new Exception("The first line must start with \""
+                            + new String(pattern) + "\"");
+                }
+            } else if (i < pattern.length + 100) {
+                if (n < 32) {
+                    break;
+                } else {
+                    mdAlg = mdAlg + String.format("%c", n);
+                }
+            }
+        }
+
+        mdAlg = mdAlg.trim();
+        System.out.println("Algorithm=" + mdAlg);
+
+        CertificateFactory cf = CertificateFactory.getInstance("X.509");
+        Collection<? extends Certificate> certs
+                = cf.generateCertificates(System.in);
+
+        // Output sorted so that it's easy to locate an entry.
+        Set<String> fingerprints = new TreeSet<>();
+        for (Certificate cert: certs) {
+            fingerprints.add(
+                    getCertificateFingerPrint(mdAlg, (X509Certificate)cert));
+        }
+
+        for (String s: fingerprints) {
+            System.out.println(s);
+        }
+    }
+
+    /**
+     * Converts a byte to hex digit and writes to the supplied buffer
+     */
+    private static void byte2hex(byte b, StringBuffer buf) {
+        char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8',
+                '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+        int high = ((b & 0xf0) >> 4);
+        int low = (b & 0x0f);
+        buf.append(hexChars[high]);
+        buf.append(hexChars[low]);
+    }
+
+    /**
+     * Gets the requested finger print of the certificate.
+     */
+    private static String getCertificateFingerPrint(
+            String mdAlg, X509Certificate cert) throws Exception {
+        byte[] encCertInfo = cert.getEncoded();
+        MessageDigest md = MessageDigest.getInstance(mdAlg);
+        byte[] digest = md.digest(encCertInfo);
+        StringBuffer buf = new StringBuffer();
+        for (int i = 0; i < digest.length; i++) {
+            byte2hex(digest[i], buf);
+        }
+        return buf.toString();
+    }
+}
--- a/src/share/classes/com/sun/crypto/provider/JceKeyStore.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/crypto/provider/JceKeyStore.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -107,7 +107,7 @@
     {
         Key key = null;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
 
         if (!((entry instanceof PrivateKeyEntry) ||
               (entry instanceof SecretKeyEntry))) {
@@ -150,7 +150,7 @@
     {
         Certificate[] chain = null;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
 
         if ((entry instanceof PrivateKeyEntry)
             && (((PrivateKeyEntry)entry).chain != null)) {
@@ -178,7 +178,7 @@
     public Certificate engineGetCertificate(String alias) {
         Certificate cert = null;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
 
         if (entry != null) {
             if (entry instanceof TrustedCertEntry) {
@@ -203,7 +203,7 @@
     public Date engineGetCreationDate(String alias) {
         Date date = null;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
 
         if (entry != null) {
             // We have to create a new instance of java.util.Date because
@@ -266,7 +266,7 @@
                     }
 
                     // store the entry
-                    entries.put(alias.toLowerCase(), entry);
+                    entries.put(alias.toLowerCase(Locale.ENGLISH), entry);
 
                 } else {
                     SecretKeyEntry entry = new SecretKeyEntry();
@@ -274,7 +274,7 @@
 
                     // seal and store the key
                     entry.sealedKey = keyProtector.seal(key);
-                    entries.put(alias.toLowerCase(), entry);
+                    entries.put(alias.toLowerCase(Locale.ENGLISH), entry);
                 }
 
             } catch (Exception e) {
@@ -322,7 +322,7 @@
                 entry.chain = null;
             }
 
-            entries.put(alias.toLowerCase(), entry);
+            entries.put(alias.toLowerCase(Locale.ENGLISH), entry);
         }
     }
 
@@ -345,7 +345,7 @@
     {
         synchronized(entries) {
 
-            Object entry = entries.get(alias.toLowerCase());
+            Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
             if (entry != null) {
                 if (entry instanceof PrivateKeyEntry) {
                     throw new KeyStoreException("Cannot overwrite own "
@@ -358,7 +358,7 @@
             TrustedCertEntry trustedCertEntry = new TrustedCertEntry();
             trustedCertEntry.cert = cert;
             trustedCertEntry.date = new Date();
-            entries.put(alias.toLowerCase(), trustedCertEntry);
+            entries.put(alias.toLowerCase(Locale.ENGLISH), trustedCertEntry);
         }
     }
 
@@ -373,7 +373,7 @@
         throws KeyStoreException
     {
         synchronized(entries) {
-            entries.remove(alias.toLowerCase());
+            entries.remove(alias.toLowerCase(Locale.ENGLISH));
         }
     }
 
@@ -394,7 +394,7 @@
      * @return true if the alias exists, false otherwise
      */
     public boolean engineContainsAlias(String alias) {
-        return entries.containsKey(alias.toLowerCase());
+        return entries.containsKey(alias.toLowerCase(Locale.ENGLISH));
     }
 
     /**
@@ -416,7 +416,7 @@
     public boolean engineIsKeyEntry(String alias) {
         boolean isKey = false;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
         if ((entry instanceof PrivateKeyEntry)
             || (entry instanceof SecretKeyEntry)) {
             isKey = true;
@@ -434,7 +434,7 @@
      */
     public boolean engineIsCertificateEntry(String alias) {
         boolean isCert = false;
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
         if (entry instanceof TrustedCertEntry) {
             isCert = true;
         }
--- a/src/share/classes/com/sun/crypto/provider/PBEKey.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/crypto/provider/PBEKey.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,7 @@
 
 import java.security.KeyRep;
 import java.security.spec.InvalidKeySpecException;
+import java.util.Locale;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.PBEKeySpec;
 
@@ -91,7 +92,7 @@
         for (int i = 1; i < this.key.length; i++) {
             retval += this.key[i] * i;
         }
-        return(retval ^= getAlgorithm().toLowerCase().hashCode());
+        return(retval ^= getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode());
     }
 
     public boolean equals(Object obj) {
--- a/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,6 +32,7 @@
 import javax.crypto.SecretKeyFactorySpi;
 import javax.crypto.spec.PBEKeySpec;
 import java.util.HashSet;
+import java.util.Locale;
 
 /**
  * This class implements a key factory for PBE keys according to PKCS#5,
@@ -56,24 +57,24 @@
 
     static {
         validTypes = new HashSet<String>(17);
-        validTypes.add("PBEWithMD5AndDES".toUpperCase());
-        validTypes.add("PBEWithSHA1AndDESede".toUpperCase());
-        validTypes.add("PBEWithSHA1AndRC2_40".toUpperCase());
-        validTypes.add("PBEWithSHA1AndRC2_128".toUpperCase());
-        validTypes.add("PBEWithSHA1AndRC4_40".toUpperCase());
-        validTypes.add("PBEWithSHA1AndRC4_128".toUpperCase());
+        validTypes.add("PBEWithMD5AndDES".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndDESede".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndRC2_40".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndRC2_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndRC4_40".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndRC4_128".toUpperCase(Locale.ENGLISH));
         // Proprietary algorithm.
-        validTypes.add("PBEWithMD5AndTripleDES".toUpperCase());
-        validTypes.add("PBEWithHmacSHA1AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA224AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA256AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA384AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA512AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA1AndAES_256".toUpperCase());
-        validTypes.add("PBEWithHmacSHA224AndAES_256".toUpperCase());
-        validTypes.add("PBEWithHmacSHA256AndAES_256".toUpperCase());
-        validTypes.add("PBEWithHmacSHA384AndAES_256".toUpperCase());
-        validTypes.add("PBEWithHmacSHA512AndAES_256".toUpperCase());
+        validTypes.add("PBEWithMD5AndTripleDES".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA1AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA224AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA256AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA384AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA512AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA1AndAES_256".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA224AndAES_256".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA256AndAES_256".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA384AndAES_256".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA512AndAES_256".toUpperCase(Locale.ENGLISH));
     }
 
     public static final class PBEWithMD5AndDES
@@ -237,7 +238,7 @@
     protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpecCl)
         throws InvalidKeySpecException {
         if ((key instanceof SecretKey)
-            && (validTypes.contains(key.getAlgorithm().toUpperCase()))
+            && (validTypes.contains(key.getAlgorithm().toUpperCase(Locale.ENGLISH)))
             && (key.getFormat().equalsIgnoreCase("RAW"))) {
 
             // Check if requested key spec is amongst the valid ones
@@ -279,7 +280,7 @@
     {
         try {
             if ((key != null) &&
-                (validTypes.contains(key.getAlgorithm().toUpperCase())) &&
+                (validTypes.contains(key.getAlgorithm().toUpperCase(Locale.ENGLISH))) &&
                 (key.getFormat().equalsIgnoreCase("RAW"))) {
 
                 // Check if key originates from this factory
--- a/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,6 +30,7 @@
 import java.nio.CharBuffer;
 import java.nio.charset.Charset;
 import java.util.Arrays;
+import java.util.Locale;
 import java.security.KeyRep;
 import java.security.GeneralSecurityException;
 import java.security.NoSuchAlgorithmException;
@@ -143,7 +144,7 @@
                 @Override
                 public int hashCode() {
                     return Arrays.hashCode(password) * 41 +
-                            prf.getAlgorithm().toLowerCase().hashCode();
+                      prf.getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode();
                 }
                 @Override
                 public boolean equals(Object obj) {
@@ -221,7 +222,7 @@
         for (int i = 1; i < this.key.length; i++) {
             retval += this.key[i] * i;
         }
-        return(retval ^= getAlgorithm().toLowerCase().hashCode());
+        return(retval ^= getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode());
     }
 
     public boolean equals(Object obj) {
--- a/src/share/classes/com/sun/jndi/ldap/Connection.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/jndi/ldap/Connection.java	Thu Jul 10 12:40:48 2014 -0700
@@ -111,6 +111,7 @@
 
     private static final boolean debug = false;
     private static final int dump = 0; // > 0 r, > 1 rw
+    public static final long DEFAULT_READ_TIMEOUT_MILLIS = 15 * 1000; // 15 second timeout;
 
 
     final private Thread worker;    // Initialized in constructor
@@ -460,7 +461,7 @@
                             // available
                             ldr.wait(readTimeout);
                         } else {
-                            ldr.wait(15 * 1000); // 15 second timeout
+                            ldr.wait(DEFAULT_READ_TIMEOUT_MILLIS);
                         }
                         waited = true;
                     } else {
--- a/src/share/classes/com/sun/security/ntlm/Client.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/security/ntlm/Client.java	Thu Jul 10 12:40:48 2014 -0700
@@ -46,7 +46,7 @@
     final private String hostname;
     final private String username;
 
-    private String domain;    // might be updated by Type 2 msg
+    private String domain;
     private byte[] pw1, pw2;
 
     /**
@@ -82,7 +82,7 @@
         }
         this.hostname = hostname;
         this.username = username;
-        this.domain = domain;
+        this.domain = domain == null ? "" : domain;
         this.pw1 = getP1(password);
         this.pw2 = getP2(password);
         debug("NTLM Client: (h,u,t,version(v)) = (%s,%s,%s,%s(%s))\n",
@@ -95,19 +95,13 @@
      */
     public byte[] type1() {
         Writer p = new Writer(1, 32);
-        int flags = 0x8203;
-        if (hostname != null) {
-            flags |= 0x2000;
-        }
-        if (domain != null) {
-            flags |= 0x1000;
-        }
+        // Negotiate always sign, Negotiate NTLM,
+        // Request Target, Negotiate OEM, Negotiate unicode
+        int flags = 0x8207;
         if (v != Version.NTLM) {
             flags |= 0x80000;
         }
         p.writeInt(12, flags);
-        p.writeSecurityBuffer(24, hostname, false);
-        p.writeSecurityBuffer(16, domain, false);
         debug("NTLM Client: Type 1 created\n");
         debug(p.getBytes());
         return p.getBytes();
@@ -133,13 +127,10 @@
         byte[] challenge = r.readBytes(24, 8);
         int inputFlags = r.readInt(20);
         boolean unicode = (inputFlags & 1) == 1;
-        String domainFromServer = r.readSecurityBuffer(12, unicode);
-        if (domainFromServer != null) {
-            domain = domainFromServer;
-        }
-        if (domain == null) {
-            domain = "";
-        }
+
+        // IE uses domainFromServer to generate an alist if server has not
+        // provided one. Firefox/WebKit do not. Neither do we.
+        //String domainFromServer = r.readSecurityBuffer(12, unicode);
 
         int flags = 0x88200 | (inputFlags & 3);
         Writer p = new Writer(3, 64);
@@ -163,7 +154,9 @@
             if (writeLM) lm = calcV2(nthash,
                     username.toUpperCase(Locale.US)+domain, nonce, challenge);
             if (writeNTLM) {
-                byte[] alist = type2.length > 48 ?
+                // Some client create a alist even if server does not send
+                // one: (i16)2 (i16)len target_in_unicode (i16)0 (i16) 0
+                byte[] alist = ((inputFlags & 0x800000) != 0) ?
                     r.readSecurityBuffer(40) : new byte[0];
                 byte[] blob = new byte[32+alist.length];
                 System.arraycopy(new byte[]{1,1,0,0,0,0,0,0}, 0, blob, 0, 8);
--- a/src/share/classes/com/sun/security/ntlm/Server.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/security/ntlm/Server.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,3 +1,4 @@
+
 /*
  * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
@@ -92,7 +93,9 @@
         debug("NTLM Server: Type 1 received\n");
         if (type1 != null) debug(type1);
         Writer p = new Writer(2, 32);
-        int flags = 0x80205;
+        // Negotiate NTLM2 Key, Target Type Domain,
+        // Negotiate NTLM, Request Target, Negotiate unicode
+        int flags = 0x90205;
         p.writeSecurityBuffer(12, domain, true);
         p.writeInt(20, flags);
         p.writeBytes(24, nonce);
@@ -127,8 +130,9 @@
                     "Wrong domain: " + incomingDomain +
                     " vs " + domain); // Needed?
         }*/
+
         boolean verified = false;
-        char[] password = getPassword(domain, username);
+        char[] password = getPassword(incomingDomain, username);
         if (password == null) {
             throw new NTLMException(NTLMException.USER_UNKNOWN,
                     "Unknown user");
@@ -179,6 +183,8 @@
                 }
             }
             if (incomingNTLM.length > 0) {
+                // We didn't sent alist in type2(), so there
+                // is nothing to check here.
                 byte[] clientBlob = Arrays.copyOfRange(
                         incomingNTLM, 16, incomingNTLM.length);
                 byte[] ntlmresponse = calcV2(nthash,
--- a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java	Thu Jul 10 12:40:48 2014 -0700
@@ -26,11 +26,14 @@
 
 package com.sun.security.sasl.gsskerb;
 
+import java.util.Locale;
 import java.util.Map;
 import java.util.logging.Level;
 import javax.security.sasl.*;
 import com.sun.security.sasl.util.AbstractSaslImpl;
 import org.ietf.jgss.*;
+import com.sun.security.jgss.ExtendedGSSContext;
+import com.sun.security.jgss.InquireType;
 
 abstract class GssKrb5Base extends AbstractSaslImpl {
 
@@ -61,6 +64,36 @@
         return "GSSAPI";
     }
 
+    @Override
+    public Object getNegotiatedProperty(String propName) {
+        if (!completed) {
+            throw new IllegalStateException("Authentication incomplete");
+        }
+        String xprefix = "com.sun.security.jgss.inquiretype.";
+        if (propName.startsWith(xprefix)) {
+            String type = propName.substring(xprefix.length());
+            if (logger.isLoggable(Level.FINEST)) {
+                logger.logp(Level.FINE, "GssKrb5Base",
+                        "getNegotiatedProperty", propName);
+            }
+            for (InquireType t: InquireType.values()) {
+                if (t.name().toLowerCase(Locale.US).equals(type)) {
+                    try {
+                        return ((ExtendedGSSContext)secCtx).inquireSecContext(t);
+                    } catch (GSSException e) {
+                        if (logger.isLoggable(Level.FINEST)) {
+                            logger.log(Level.WARNING, "inquireSecContext error", e);
+                        }
+                        return null;
+                    }
+                }
+            }
+            // No such InquireType. Although not likely to be defined
+            // as a property in a parent class, still try it.
+        }
+        return super.getNegotiatedProperty(propName);
+    }
+
     public byte[] unwrap(byte[] incoming, int start, int len)
         throws SaslException {
         if (!completed) {
--- a/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java	Thu Jul 10 12:40:48 2014 -0700
@@ -160,9 +160,17 @@
             }
         }
         try {
+            String name = ncb.getName();
+            if (name == null) {
+                name = authzid;
+            }
+            String domain = dcb.getText();
+            if (domain == null) {
+                domain = serverName;
+            }
             client = new Client(version, hostname,
-                    ncb.getName(),
-                    dcb.getText(),
+                    name,
+                    domain,
                     pcb.getPassword());
         } catch (NTLMException ne) {
             throw new SaslException(
--- a/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java	Thu Jul 10 12:40:48 2014 -0700
@@ -141,8 +141,10 @@
             server = new Server(version, domain) {
                 public char[] getPassword(String ntdomain, String username) {
                     try {
-                        RealmCallback rcb = new RealmCallback(
-                                "Domain: ", ntdomain);
+                        RealmCallback rcb =
+                                (ntdomain == null || ntdomain.isEmpty())
+                                    ? new RealmCallback("Domain: ")
+                                    : new RealmCallback("Domain: ", ntdomain);
                         NameCallback ncb = new NameCallback(
                                 "Name: ", username);
                         PasswordCallback pcb = new PasswordCallback(
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/java/awt/font/JavaAWTFontAccessImpl.java	Thu Jul 10 12:40:48 2014 -0700
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package java.awt.font;
+
+import java.lang.reflect.Field;
+import sun.misc.JavaAWTFontAccess;
+
+class JavaAWTFontAccessImpl implements sun.misc.JavaAWTFontAccess {
+
+    // java.awt.font.TextAttribute constants
+    public Object getTextAttributeConstant(String name) {
+        switch (name) {
+        case "RUN_DIRECTION":
+        case "NUMERIC_SHAPING":
+        case "BIDI_EMBEDDING":
+        case "RUN_DIRECTION_LTR":
+            try {
+                Field f = TextAttribute.class.getField(name);
+                return f.get(null);
+            } catch (NoSuchFieldException | IllegalAccessException x) {
+                throw new AssertionError(x);
+            }
+        }
+
+        throw new AssertionError("Constant name is not recognized");
+    }
+
+    // java.awt.font.NumericShaper
+    public void shape(Object shaper, char[] text, int start, int count) {
+        assert shaper instanceof NumericShaper;
+        ((NumericShaper)shaper).shape(text, start,count);
+    }
+
+}
--- a/src/share/classes/java/awt/font/NumericShaper.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/java/awt/font/NumericShaper.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,6 +31,7 @@
 import java.util.Comparator;
 import java.util.EnumSet;
 import java.util.Set;
+import sun.misc.SharedSecrets;
 
 /**
  * The <code>NumericShaper</code> class is used to convert Latin-1 (European)
@@ -134,6 +135,14 @@
  */
 
 public final class NumericShaper implements java.io.Serializable {
+
+    // For access from java.text.Bidi
+    static {
+        if (SharedSecrets.getJavaAWTFontAccess() == null) {
+            SharedSecrets.setJavaAWTFontAccess(new JavaAWTFontAccessImpl());
+        }
+    }
+
     /**
      * A {@code NumericShaper.Range} represents a Unicode range of a
      * script having its own decimal digits. For example, the {@link
--- a/src/share/classes/java/awt/font/TextAttribute.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/java/awt/font/TextAttribute.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -44,6 +44,7 @@
 import java.text.AttributedCharacterIterator.Attribute;
 import java.util.Map;
 import java.util.HashMap;
+import sun.misc.SharedSecrets;
 
 /**
  * The <code>TextAttribute</code> class defines attribute keys and
@@ -257,6 +258,13 @@
     private static final Map<String, TextAttribute>
             instanceMap = new HashMap<String, TextAttribute>(29);
 
+    // For access from java.text.Bidi
+    static {
+        if (SharedSecrets.getJavaAWTFontAccess() == null) {
+            SharedSecrets.setJavaAWTFontAccess(new JavaAWTFontAccessImpl());
+        }
+    }
+
     /**
      * Constructs a <code>TextAttribute</code> with the specified name.
      * @param name the attribute name to assign to this
--- a/src/share/classes/java/lang/Class.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/java/lang/Class.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -130,11 +130,15 @@
     }
 
     /*
-     * Constructor. Only the Java Virtual Machine creates Class
-     * objects.
+     * Private constructor. Only the Java Virtual Machine creates Class objects.
+     * This constructor is not used and prevents the default constructor being
+     * generated.
      */
-    private Class() {}
-
+    private Class(ClassLoader loader) {
+        // Initialize final field for classLoader.  The initialization value of non-null
+        // prevents future JIT optimizations from assuming this final field is null.
+        classLoader = loader;
+    }
 
     /**
      * Converts the object to a string. The string representation is the
@@ -677,8 +681,10 @@
     }
 
     // Package-private to allow ClassLoader access
-    native ClassLoader getClassLoader0();
-
+    ClassLoader getClassLoader0() { return classLoader; }
+
+    // Initialized in JVM not by private constructor
+    private final ClassLoader classLoader;
 
     /**
      * Returns an array of {@code TypeVariable} objects that represent the
--- a/src/share/classes/java/lang/reflect/AccessibleObject.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/java/lang/reflect/AccessibleObject.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -129,16 +129,24 @@
         setAccessible0(this, flag);
     }
 
-    /* Check that you aren't exposing java.lang.Class.<init>. */
+    /* Check that you aren't exposing java.lang.Class.<init> or sensitive
+       fields in java.lang.Class. */
     private static void setAccessible0(AccessibleObject obj, boolean flag)
         throws SecurityException
     {
         if (obj instanceof Constructor && flag == true) {
             Constructor<?> c = (Constructor<?>)obj;
             if (c.getDeclaringClass() == Class.class) {
-                throw new SecurityException("Can not make a java.lang.Class" +
+                throw new SecurityException("Cannot make a java.lang.Class" +
                                             " constructor accessible");
             }
+        } else if (obj instanceof Field && flag == true) {
+            Field f = (Field)obj;
+            if (f.getDeclaringClass() == Class.class &&
+                f.getName().equals("classLoader")) {
+                throw new SecurityException("Cannot make java.lang.Class.classLoader" +
+                                            " accessible");
+            }
         }
         obj.override = flag;
     }
--- a/src/share/classes/java/net/URL.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/java/net/URL.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1071,7 +1071,7 @@
     /**
      * The URLStreamHandler factory.
      */
-    static URLStreamHandlerFactory factory;
+    private static volatile URLStreamHandlerFactory factory;
 
     /**
      * Sets an application's {@code URLStreamHandlerFactory}.
@@ -1106,6 +1106,7 @@
                 security.checkSetFactory();
             }
             handlers.clear();
+            // safe publication of URLStreamHandlerFactory with volatile write
             factory = fac;
         }
     }
@@ -1127,9 +1128,11 @@
 
             boolean checkedWithFactory = false;
 
-            // Use the factory (if any)
-            if (factory != null) {
-                handler = factory.createURLStreamHandler(protocol);
+            // Use the factory (if any). Volatile read makes
+            // URLStreamHandlerFactory appear fully initialized to current thread.
+            URLStreamHandlerFactory fac = factory;
+            if (fac != null) {
+                handler = fac.createURLStreamHandler(protocol);
                 checkedWithFactory = true;
             }
 
@@ -1193,8 +1196,8 @@
 
                 // Check with factory if another thread set a
                 // factory since our last check
-                if (!checkedWithFactory && factory != null) {
-                    handler2 = factory.createURLStreamHandler(protocol);
+                if (!checkedWithFactory && (fac = factory) != null) {
+                    handler2 = fac.createURLStreamHandler(protocol);
                 }
 
                 if (handler2 != null) {
--- a/src/share/classes/java/util/logging/FileHandler.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/java/util/logging/FileHandler.java	Thu Jul 10 12:40:48 2014 -0700
@@ -25,6 +25,7 @@
 
 package java.util.logging;
 
+import static java.nio.file.StandardOpenOption.APPEND;
 import static java.nio.file.StandardOpenOption.CREATE_NEW;
 import static java.nio.file.StandardOpenOption.WRITE;
 
@@ -34,10 +35,17 @@
 import java.io.IOException;
 import java.io.OutputStream;
 import java.nio.channels.FileChannel;
+import java.nio.channels.OverlappingFileLockException;
 import java.nio.file.FileAlreadyExistsException;
+import java.nio.file.Files;
+import java.nio.file.LinkOption;
+import java.nio.file.NoSuchFileException;
+import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
+import java.util.HashSet;
+import java.util.Set;
 
 /**
  * Simple file logging <tt>Handler</tt>.
@@ -149,7 +157,7 @@
     private FileChannel lockFileChannel;
     private File files[];
     private static final int MAX_LOCKS = 100;
-    private static final java.util.HashMap<String, String> locks = new java.util.HashMap<>();
+    private static final Set<String> locks = new HashSet<>();
 
     /**
      * A metered stream is a subclass of OutputStream that
@@ -428,34 +436,80 @@
             // between processes (and not within a process), we first check
             // if we ourself already have the file locked.
             synchronized(locks) {
-                if (locks.get(lockFileName) != null) {
+                if (locks.contains(lockFileName)) {
                     // We already own this lock, for a different FileHandler
                     // object.  Try again.
                     continue;
                 }
 
-                try {
-                    lockFileChannel = FileChannel.open(Paths.get(lockFileName),
-                            CREATE_NEW, WRITE);
-                } catch (FileAlreadyExistsException ix) {
-                    // try the next lock file name in the sequence
-                    continue;
+                final Path lockFilePath = Paths.get(lockFileName);
+                FileChannel channel = null;
+                int retries = -1;
+                boolean fileCreated = false;
+                while (channel == null && retries++ < 1) {
+                    try {
+                        channel = FileChannel.open(lockFilePath,
+                                CREATE_NEW, WRITE);
+                        fileCreated = true;
+                    } catch (FileAlreadyExistsException ix) {
+                        // This may be a zombie file left over by a previous
+                        // execution. Reuse it - but only if we can actually
+                        // write to its directory.
+                        // Note that this is a situation that may happen,
+                        // but not too frequently.
+                        if (Files.isRegularFile(lockFilePath, LinkOption.NOFOLLOW_LINKS)
+                            && Files.isWritable(lockFilePath.getParent())) {
+                            try {
+                                channel = FileChannel.open(lockFilePath,
+                                    WRITE, APPEND);
+                            } catch (NoSuchFileException x) {
+                                // Race condition - retry once, and if that
+                                // fails again just try the next name in
+                                // the sequence.
+                                continue;
+                            } catch(IOException x) {
+                                // the file may not be writable for us.
+                                // try the next name in the sequence
+                                break;
+                            }
+                        } else {
+                            // at this point channel should still be null.
+                            // break and try the next name in the sequence.
+                            break;
+                        }
+                    }
                 }
 
+                if (channel == null) continue; // try the next name;
+                lockFileChannel = channel;
+
                 boolean available;
                 try {
                     available = lockFileChannel.tryLock() != null;
                     // We got the lock OK.
+                    // At this point we could call File.deleteOnExit().
+                    // However, this could have undesirable side effects
+                    // as indicated by JDK-4872014. So we will instead
+                    // rely on the fact that close() will remove the lock
+                    // file and that whoever is creating FileHandlers should
+                    // be responsible for closing them.
                 } catch (IOException ix) {
                     // We got an IOException while trying to get the lock.
                     // This normally indicates that locking is not supported
                     // on the target directory.  We have to proceed without
-                    // getting a lock.   Drop through.
-                    available = true;
+                    // getting a lock.   Drop through, but only if we did
+                    // create the file...
+                    available = fileCreated;
+                } catch (OverlappingFileLockException x) {
+                    // someone already locked this file in this VM, through
+                    // some other channel - that is - using something else
+                    // than new FileHandler(...);
+                    // continue searching for an available lock.
+                    available = false;
                 }
                 if (available) {
                     // We got the lock.  Remember it.
-                    locks.put(lockFileName, lockFileName);
+                    locks.add(lockFileName);
                     break;
                 }
 
--- a/src/share/classes/javax/crypto/spec/SecretKeySpec.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/crypto/spec/SecretKeySpec.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
 package javax.crypto.spec;
 
 import java.security.spec.KeySpec;
+import java.util.Locale;
 import javax.crypto.SecretKey;
 
 /**
@@ -194,7 +195,8 @@
         if (this.algorithm.equalsIgnoreCase("TripleDES"))
             return (retval ^= "desede".hashCode());
         else
-            return (retval ^= this.algorithm.toLowerCase().hashCode());
+            return (retval ^=
+                    this.algorithm.toLowerCase(Locale.ENGLISH).hashCode());
     }
 
    /**
--- a/src/share/classes/javax/security/sasl/SaslClient.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/security/sasl/SaslClient.java	Thu Jul 10 12:40:48 2014 -0700
@@ -204,6 +204,10 @@
      * This method can be called only after the authentication exchange has
      * completed (i.e., when {@code isComplete()} returns true); otherwise, an
      * {@code IllegalStateException} is thrown.
+     * <p>
+     * The {@link Sasl} class includes several well-known property names
+     * (For example, {@link Sasl#QOP}). A SASL provider can support other
+     * properties which are specific to the vendor and/or a mechanism.
      *
      * @param propName The non-null property name.
      * @return The value of the negotiated property. If null, the property was
--- a/src/share/classes/javax/security/sasl/SaslServer.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/security/sasl/SaslServer.java	Thu Jul 10 12:40:48 2014 -0700
@@ -196,6 +196,10 @@
      * This method can be called only after the authentication exchange has
      * completed (i.e., when {@code isComplete()} returns true); otherwise, an
      * {@code IllegalStateException} is thrown.
+     * <p>
+     * The {@link Sasl} class includes several well-known property names
+     * (For example, {@link Sasl#QOP}). A SASL provider can support other
+     * properties which are specific to the vendor and/or a mechanism.
      *
      * @param propName the property
      * @return The value of the negotiated property. If null, the property was
--- a/src/share/classes/javax/swing/AbstractListModel.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/AbstractListModel.java	Thu Jul 10 12:40:48 2014 -0700
@@ -202,6 +202,7 @@
      * If no such listeners exist,
      * this method returns an empty array.
      *
+     * @param <T> the type of {@code EventListener} class being requested
      * @param listenerType  the type of listeners requested;
      *          this parameter should specify an interface
      *          that descends from <code>java.util.EventListener</code>
--- a/src/share/classes/javax/swing/CellRendererPane.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/CellRendererPane.java	Thu Jul 10 12:40:48 2014 -0700
@@ -190,8 +190,12 @@
 // Accessibility support
 ////////////////
 
+    /**
+     * {@code AccessibleContext} associated with this {@code CellRendererPan}
+     */
     protected AccessibleContext accessibleContext = null;
 
+
     /**
      * Gets the AccessibleContext associated with this CellRendererPane.
      * For CellRendererPanes, the AccessibleContext takes the form of an
--- a/src/share/classes/javax/swing/DefaultCellEditor.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/DefaultCellEditor.java	Thu Jul 10 12:40:48 2014 -0700
@@ -353,6 +353,7 @@
         * Returns true to indicate that editing has begun.
         *
         * @param anEvent          the event
+        * @return true to indicate editing has begun
         */
         public boolean startCellEditing(EventObject anEvent) {
             return true;
--- a/src/share/classes/javax/swing/DefaultDesktopManager.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/DefaultDesktopManager.java	Thu Jul 10 12:40:48 2014 -0700
@@ -462,7 +462,12 @@
         f.revalidate();
     }
 
-    /** Convenience method to remove the desktopIcon of <b>f</b> is necessary. */
+    /**
+     * Convenience method to remove the desktopIcon of <b>f</b> is necessary.
+     *
+     * @param f the {@code JInternalFrame} for which to remove the
+     *          {@code desktopIcon}
+     */
     protected void removeIconFor(JInternalFrame f) {
         JInternalFrame.JDesktopIcon di = f.getDesktopIcon();
         Container c = di.getParent();
@@ -472,10 +477,13 @@
         }
     }
 
-    /** The iconifyFrame() code calls this to determine the proper bounds
-      * for the desktopIcon.
-      */
-
+    /**
+     * The {@code iconifyFrame()} code calls this to determine the proper bounds
+     * for the desktopIcon.
+     *
+     * @param f the {@code JInternalFrame} of interest
+     * @return a {@code Rectangle} containing bounds for the {@code desktopIcon}
+     */
     protected Rectangle getBoundsForIconOf(JInternalFrame f) {
       //
       // Get the icon for this internal frame and its preferred size
@@ -592,6 +600,9 @@
     /**
      * Sets that the component has been iconized and the bounds of the
      * <code>desktopIcon</code> are valid.
+     *
+     * @param f     the {@code JInternalFrame} of interest
+     * @param value a {@code Boolean} signifying if component has been iconized
      */
     protected void setWasIcon(JInternalFrame f, Boolean value)  {
         if (value != null) {
--- a/src/share/classes/javax/swing/DefaultListModel.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/DefaultListModel.java	Thu Jul 10 12:40:48 2014 -0700
@@ -444,6 +444,7 @@
      * (<code>index &lt; 0 || index &gt;= size()</code>).
      *
      * @param index index of element to return
+     * @return the element at the specified position in this list
      */
     public E get(int index) {
         return delegate.elementAt(index);
--- a/src/share/classes/javax/swing/DefaultListSelectionModel.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/DefaultListSelectionModel.java	Thu Jul 10 12:40:48 2014 -0700
@@ -160,6 +160,9 @@
      * Notifies <code>ListSelectionListeners</code> that the value
      * of the selection, in the closed interval <code>firstIndex</code>,
      * <code>lastIndex</code>, has changed.
+     *
+     * @param firstIndex the first index in the interval
+     * @param lastIndex the last index in the interval
      */
     protected void fireValueChanged(int firstIndex, int lastIndex) {
         fireValueChanged(firstIndex, lastIndex, getValueIsAdjusting());
@@ -231,6 +234,7 @@
      * If no such listeners exist,
      * this method returns an empty array.
      *
+     * @param <T> the type of {@code EventListener} class being requested
      * @param listenerType  the type of listeners requested;
      *          this parameter should specify an interface
      *          that descends from <code>java.util.EventListener</code>
@@ -332,6 +336,8 @@
 
     /**
      * Sets the value of the leadAnchorNotificationEnabled flag.
+     *
+     * @param flag boolean value for {@code leadAnchorNotificationEnabled}
      * @see             #isLeadAnchorNotificationEnabled()
      */
     public void setLeadAnchorNotificationEnabled(boolean flag) {
--- a/src/share/classes/javax/swing/DefaultRowSorter.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/DefaultRowSorter.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -712,6 +712,8 @@
      *
      * @param column the index of the column to test, in terms of the
      *        underlying model
+     * @return true if values are to be converted to strings before doing
+     *              comparisons when sorting
      * @throws IndexOutOfBoundsException if <code>column</code> is not valid
      */
     protected boolean useToString(int column) {
--- a/src/share/classes/javax/swing/InputMap.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/InputMap.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,15 +32,12 @@
 import java.util.Set;
 
 /**
- * <code>InputMap</code> provides a binding between an input event
- * (currently only <code>KeyStroke</code>s are used)
- * and an <code>Object</code>. <code>InputMap</code>s
- * are usually used with an <code>ActionMap</code>,
- * to determine an <code>Action</code> to perform
- * when a key is pressed.
- * An <code>InputMap</code> can have a parent
- * that is searched for bindings not defined in the <code>InputMap</code>.
- * <p>As with <code>ActionMap</code> if you create a cycle, eg:
+ * {@code InputMap} provides a binding between an input event (currently only
+ * {@code KeyStroke}s are used) and an {@code Object}. {@code InputMap}s are
+ * usually used with an {@code ActionMap}, to determine an {@code Action} to
+ * perform when a key is pressed. An {@code InputMap} can have a parent that
+ * is searched for bindings not defined in the {@code InputMap}.
+ * <p>As with {@code ActionMap} if you create a cycle, eg:
  * <pre>
  *   InputMap am = new InputMap();
  *   InputMap bm = new InputMap():
@@ -61,34 +58,37 @@
 
 
     /**
-     * Creates an <code>InputMap</code> with no parent and no mappings.
+     * Creates an {@code InputMap} with no parent and no mappings.
      */
     public InputMap() {
     }
 
     /**
-     * Sets this <code>InputMap</code>'s parent.
+     * Sets this {@code InputMap}'s parent.
      *
-     * @param map  the <code>InputMap</code> that is the parent of this one
+     * @param map the {@code InputMap} that is the parent of this one
      */
     public void setParent(InputMap map) {
         this.parent = map;
     }
 
     /**
-     * Gets this <code>InputMap</code>'s parent.
+     * Gets this {@code InputMap}'s parent.
      *
-     * @return map  the <code>InputMap</code> that is the parent of this one,
-     *              or null if this <code>InputMap</code> has no parent
+     * @return map the {@code InputMap} that is the parent of this one,
+     *             or null if this {@code InputMap} has no parent
      */
     public InputMap getParent() {
         return parent;
     }
 
     /**
-     * Adds a binding for <code>keyStroke</code> to <code>actionMapKey</code>.
-     * If <code>actionMapKey</code> is null, this removes the current binding
-     * for <code>keyStroke</code>.
+     * Adds a binding for {@code keyStroke} to {@code actionMapKey}.
+     * If {@code actionMapKey} is null, this removes the current binding
+     * for {@code keyStroke}.
+     *
+     * @param keyStroke a {@code KeyStroke}
+     * @param actionMapKey an action map key
      */
     public void put(KeyStroke keyStroke, Object actionMapKey) {
         if (keyStroke == null) {
@@ -106,8 +106,11 @@
     }
 
     /**
-     * Returns the binding for <code>keyStroke</code>, messaging the
-     * parent <code>InputMap</code> if the binding is not locally defined.
+     * Returns the binding for {@code keyStroke}, messaging the
+     * parent {@code InputMap} if the binding is not locally defined.
+     *
+     * @param keyStroke the {@code KeyStroke} for which to get the binding
+     * @return the binding for {@code keyStroke}
      */
     public Object get(KeyStroke keyStroke) {
         if (arrayTable == null) {
@@ -131,8 +134,9 @@
     }
 
     /**
-     * Removes the binding for <code>key</code> from this
-     * <code>InputMap</code>.
+     * Removes the binding for {@code key} from this {@code InputMap}.
+     *
+     * @param key the {@code KeyStroke} for which to remove the binding
      */
     public void remove(KeyStroke key) {
         if (arrayTable != null) {
@@ -141,7 +145,7 @@
     }
 
     /**
-     * Removes all the mappings from this <code>InputMap</code>.
+     * Removes all the mappings from this {@code InputMap}.
      */
     public void clear() {
         if (arrayTable != null) {
@@ -150,7 +154,10 @@
     }
 
     /**
-     * Returns the <code>KeyStroke</code>s that are bound in this <code>InputMap</code>.
+     * Returns the {@code KeyStroke}s that are bound in this {@code InputMap}.
+     *
+     * @return an array of the {@code KeyStroke}s that are bound in this
+     *         {@code InputMap}
      */
     public KeyStroke[] keys() {
         if (arrayTable == null) {
@@ -162,7 +169,9 @@
     }
 
     /**
-     * Returns the number of <code>KeyStroke</code> bindings.
+     * Returns the number of {@code KeyStroke} bindings.
+     *
+     * @return the number of {@code KeyStroke} bindings
      */
     public int size() {
         if (arrayTable == null) {
@@ -172,9 +181,12 @@
     }
 
     /**
-     * Returns an array of the <code>KeyStroke</code>s defined in this
-     * <code>InputMap</code> and its parent. This differs from <code>keys()</code> in that
-     * this method includes the keys defined in the parent.
+     * Returns an array of the {@code KeyStroke}s defined in this
+     * {@code InputMap} and its parent. This differs from {@code keys()}
+     * in that this method includes the keys defined in the parent.
+     *
+     * @return an array of the {@code KeyStroke}s defined in this
+     *         {@code InputMap} and its parent
      */
     public KeyStroke[] allKeys() {
         int             count = size();
--- a/src/share/classes/javax/swing/JCheckBox.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JCheckBox.java	Thu Jul 10 12:40:48 2014 -0700
@@ -132,6 +132,7 @@
      * Creates a check box where properties are taken from the
      * Action supplied.
      *
+     * @param a the {@code Action} used to specify the new check box
      * @since 1.3
      */
     public JCheckBox(Action a) {
--- a/src/share/classes/javax/swing/JCheckBoxMenuItem.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JCheckBoxMenuItem.java	Thu Jul 10 12:40:48 2014 -0700
@@ -109,7 +109,7 @@
     /**
      * Creates an initially unselected check box menu item with an icon.
      *
-     * @param icon the icon of the CheckBoxMenuItem.
+     * @param icon the icon of the {@code JCheckBoxMenuItem}.
      */
     public JCheckBoxMenuItem(Icon icon) {
         this(null, icon, false);
@@ -118,7 +118,7 @@
     /**
      * Creates an initially unselected check box menu item with text.
      *
-     * @param text the text of the CheckBoxMenuItem
+     * @param text the text of the {@code JCheckBoxMenuItem}
      */
     public JCheckBoxMenuItem(String text) {
         this(text, null, false);
@@ -128,6 +128,7 @@
      * Creates a menu item whose properties are taken from the
      * Action supplied.
      *
+     * @param a the action of the {@code JCheckBoxMenuItem}
      * @since 1.3
      */
     public JCheckBoxMenuItem(Action a) {
@@ -138,8 +139,8 @@
     /**
      * Creates an initially unselected check box menu item with the specified text and icon.
      *
-     * @param text the text of the CheckBoxMenuItem
-     * @param icon the icon of the CheckBoxMenuItem
+     * @param text the text of the {@code JCheckBoxMenuItem}
+     * @param icon the icon of the {@code JCheckBoxMenuItem}
      */
     public JCheckBoxMenuItem(String text, Icon icon) {
         this(text, icon, false);
--- a/src/share/classes/javax/swing/JEditorPane.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JEditorPane.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1251,11 +1251,12 @@
     }
 
     /**
-     * Returns the currently registered <code>EditorKit</code>
-     * class name for the type <code>type</code>.
+     * Returns the currently registered {@code EditorKit} class name for the
+     * type {@code type}.
      *
-     * @param type  the non-<code>null</code> content type
-     *
+     * @param type  the non-{@code null} content type
+     * @return a {@code String} containing the {@code EditorKit} class name
+     *         for {@code type}
      * @since 1.3
      */
     public static String getEditorKitClassNameForContentType(String type) {
--- a/src/share/classes/javax/swing/JFileChooser.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JFileChooser.java	Thu Jul 10 12:40:48 2014 -0700
@@ -330,6 +330,8 @@
     /**
      * Constructs a <code>JFileChooser</code> using the given
      * <code>FileSystemView</code>.
+     *
+     * @param fsv a {@code FileSystemView}
      */
     public JFileChooser(FileSystemView fsv) {
         this((File) null, fsv);
@@ -339,6 +341,10 @@
     /**
      * Constructs a <code>JFileChooser</code> using the given current directory
      * and <code>FileSystemView</code>.
+     *
+     * @param currentDirectory a {@code File} object specifying the path to a
+     *                         file or directory
+     * @param fsv a {@code FileSystemView}
      */
     public JFileChooser(File currentDirectory, FileSystemView fsv) {
         setup(fsv);
@@ -348,6 +354,10 @@
     /**
      * Constructs a <code>JFileChooser</code> using the given current directory
      * path and <code>FileSystemView</code>.
+     *
+     * @param currentDirectoryPath a {@code String} specifying the path to a file
+     *                             or directory
+     * @param fsv a {@code FileSystemView}
      */
     public JFileChooser(String currentDirectoryPath, FileSystemView fsv) {
         setup(fsv);
@@ -360,6 +370,8 @@
 
     /**
      * Performs common constructor initialization and setup.
+     *
+     * @param view the {@code FileSystemView} used for setup
      */
     protected void setup(FileSystemView view) {
         installShowFilesListener();
@@ -512,6 +524,8 @@
     /**
      * Returns a list of selected files if the file chooser is
      * set to allow multiple selection.
+     *
+     * @return an array of selected {@code File}s
      */
     public File[] getSelectedFiles() {
         if(selectedFiles == null) {
@@ -525,6 +539,7 @@
      * Sets the list of selected files if the file chooser is
      * set to allow multiple selection.
      *
+     * @param selectedFiles an array {@code File}s to be selected
      * @beaninfo
      *       bound: true
      * description: The list of selected files if the chooser is in multiple selection mode.
@@ -971,6 +986,7 @@
     /**
      * Gets the string that goes in the <code>JFileChooser</code>'s titlebar.
      *
+     * @return the string from the {@code JFileChooser} window's title bar
      * @see #setDialogTitle
      */
     public String getDialogTitle() {
@@ -1158,6 +1174,8 @@
      * Removes a filter from the list of user choosable file filters. Returns
      * true if the file filter was removed.
      *
+     * @param f the file filter to be removed
+     * @return true if the file filter was removed, false otherwise
      * @see #addChoosableFileFilter
      * @see #getChoosableFileFilters
      * @see #resetChoosableFileFilters
@@ -1215,6 +1233,8 @@
     /**
      * Returns the <code>AcceptAll</code> file filter.
      * For example, on Microsoft Windows this would be All Files (*.*).
+     *
+     * @return the {@code AcceptAll} file filter
      */
     public FileFilter getAcceptAllFileFilter() {
         FileFilter filter = null;
@@ -1240,8 +1260,10 @@
     * If false, the <code>AcceptAll</code> file filter is removed from
     * the list of available file filters.
     * If true, the <code>AcceptAll</code> file filter will become the
-    * the actively used file filter.
+    * actively used file filter.
     *
+    * @param b a {@code boolean} which determines whether the {@code AcceptAll}
+    *          file filter is an available choice in the choosable filter list
     * @beaninfo
     *   preferred: true
     *       bound: true
@@ -1284,6 +1306,7 @@
      * any listeners that the accessory might have registered with the
      * file chooser.
      *
+     * @param newAccessory the accessory component to be set
      * @beaninfo
      *   preferred: true
      *       bound: true
@@ -1355,6 +1378,7 @@
      * Convenience call that determines if files are selectable based on the
      * current file selection mode.
      *
+     * @return true if files are selectable, false otherwise
      * @see #setFileSelectionMode
      * @see #getFileSelectionMode
      */
@@ -1366,6 +1390,7 @@
      * Convenience call that determines if directories are selectable based
      * on the current file selection mode.
      *
+     * @return true if directories are selectable, false otherwise
      * @see #setFileSelectionMode
      * @see #getFileSelectionMode
      */
@@ -1487,9 +1512,10 @@
     }
 
     /**
-     * Sets the file view to used to retrieve UI information, such as
+     * Sets the file view to be used to retrieve UI information, such as
      * the icon that represents a file or the type description of a file.
      *
+     * @param fileView a {@code FileView} to be used to retrieve UI information
      * @beaninfo
      *   preferred: true
      *       bound: true
@@ -1506,6 +1532,7 @@
     /**
      * Returns the current file view.
      *
+     * @return the current file view
      * @see #setFileView
      */
     public FileView getFileView() {
@@ -1765,6 +1792,8 @@
      * notification on this event type. The event instance
      * is lazily created using the <code>command</code> parameter.
      *
+     * @param command a string that may specify a command associated with
+     *                the event
      * @see EventListenerList
      */
     protected void fireActionPerformed(String command) {
@@ -1973,6 +2002,9 @@
 // Accessibility support
 ////////////////
 
+    /**
+     * {@code AccessibleContext} associated with this {@code JFileChooser}
+     */
     protected AccessibleContext accessibleContext = null;
 
     /**
--- a/src/share/classes/javax/swing/JFrame.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JFrame.java	Thu Jul 10 12:40:48 2014 -0700
@@ -275,6 +275,8 @@
     /**
      * Called by the constructor methods to create the default
      * <code>rootPane</code>.
+     *
+     * @return a new {@code JRootPane}
      */
     protected JRootPane createRootPane() {
         JRootPane rp = new JRootPane();
@@ -874,7 +876,9 @@
 // Accessibility support
 ////////////////
 
-    /** The accessible context property. */
+    /**
+     * The accessible context property.
+     */
     protected AccessibleContext accessibleContext = null;
 
     /**
--- a/src/share/classes/javax/swing/JMenu.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JMenu.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -608,16 +608,18 @@
      * it to the end of this menu.
      *
      * @param s the string for the menu item to be added
+     * @return the new {@code JMenuItem}
      */
     public JMenuItem add(String s) {
         return add(new JMenuItem(s));
     }
 
     /**
-     * Creates a new menu item attached to the specified
-     * <code>Action</code> object and appends it to the end of this menu.
+     * Creates a new menu item attached to the specified {@code Action} object
+     * and appends it to the end of this menu.
      *
-     * @param a the <code>Action</code> for the menu item to be added
+     * @param a the {@code Action} for the menu item to be added
+     * @return the new {@code JMenuItem}
      * @see Action
      */
     public JMenuItem add(Action a) {
@@ -653,8 +655,11 @@
     }
 
     /**
-     * Returns a properly configured <code>PropertyChangeListener</code>
-     * which updates the control as changes to the <code>Action</code> occur.
+     * Returns a properly configured {@code PropertyChangeListener}
+     * which updates the control as changes to the {@code Action} occur.
+     *
+     * @param b a menu item for which to create a {@code PropertyChangeListener}
+     * @return a {@code PropertyChangeListener} for {@code b}
      */
     protected PropertyChangeListener createActionChangeListener(JMenuItem b) {
         return b.createActionPropertyChangeListener0(b.getAction());
@@ -714,6 +719,7 @@
      * @param a the <code>Action</code> object for the menu item to add
      * @param pos an integer specifying the position at which to add the
      *               new menu item
+     * @return the new menu item
      * @exception IllegalArgumentException if the value of
      *                  <code>pos</code> &lt; 0
      */
@@ -748,16 +754,16 @@
     }
 
     /**
-     * Returns the <code>JMenuItem</code> at the specified position.
-     * If the component at <code>pos</code> is not a menu item,
-     * <code>null</code> is returned.
+     * Returns the {@code JMenuItem} at the specified position.
+     * If the component at {@code pos} is not a menu item,
+     * {@code null} is returned.
      * This method is included for AWT compatibility.
      *
-     * @param pos    an integer specifying the position
-     * @exception   IllegalArgumentException if the value of
-     *                       <code>pos</code> &lt; 0
+     * @param pos  an integer specifying the position
      * @return  the menu item at the specified position; or <code>null</code>
      *          if the item as the specified position is not a menu item
+     * @exception  IllegalArgumentException if the value of
+     *             {@code pos} &lt; 0
      */
     public JMenuItem getItem(int pos) {
         if (pos < 0) {
@@ -975,6 +981,8 @@
     /**
      * Returns the popupmenu associated with this menu.  If there is
      * no popupmenu, it will create one.
+     *
+     * @return the {@code JPopupMenu} associated with this menu
      */
     public JPopupMenu getPopupMenu() {
         ensurePopupMenuCreated();
@@ -1159,6 +1167,8 @@
         JPopupMenu popupMenu;
         /**
          *  Create the window listener for the specified popup.
+         *
+         * @param p the popup menu for which to create a listener
          * @since 1.4
          */
         public WinListener(JPopupMenu p) {
--- a/src/share/classes/javax/swing/JMenuBar.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JMenuBar.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -124,6 +124,8 @@
 
     /**
      * Returns the menubar's current UI.
+     *
+     * @return a {@code MenuBarUI} which is the menubar's current L&amp;F object
      * @see #setUI
      */
     public MenuBarUI getUI() {
--- a/src/share/classes/javax/swing/JSlider.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JSlider.java	Thu Jul 10 12:40:48 2014 -0700
@@ -281,6 +281,8 @@
     /**
      * Creates a horizontal slider using the specified
      * BoundedRangeModel.
+     *
+     * @param brm a {@code BoundedRangeModel} for the slider
      */
     public JSlider(BoundedRangeModel brm)
     {
@@ -363,6 +365,8 @@
      * {@code fireStateChanged} method to forward {@code ChangeEvent}s
      * to the {@code ChangeListener}s that have been added directly to the
      * slider.
+     *
+     * @return a instance of new {@code ChangeListener}
      * @see #changeListener
      * @see #fireStateChanged
      * @see javax.swing.event.ChangeListener
--- a/src/share/classes/javax/swing/JTabbedPane.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JTabbedPane.java	Thu Jul 10 12:40:48 2014 -0700
@@ -278,6 +278,7 @@
      * can override this to return a subclass of <code>ModelListener</code> or
      * another <code>ChangeListener</code> implementation.
      *
+     * @return a {@code ChangeListener}
      * @see #fireStateChanged
      */
     protected ChangeListener createChangeListener() {
@@ -423,6 +424,7 @@
     /**
      * Returns the model associated with this tabbedpane.
      *
+     * @return the {@code SingleSelectionModel} associated with this tabbedpane
      * @see #setModel
      */
     public SingleSelectionModel getModel() {
@@ -459,6 +461,8 @@
 
     /**
      * Returns the placement of the tabs for this tabbedpane.
+     *
+     * @return an {@code int} specifying the placement for the tabs
      * @see #setTabPlacement
      */
     public int getTabPlacement() {
@@ -507,6 +511,8 @@
     /**
      * Returns the policy used by the tabbedpane to layout the tabs when all the
      * tabs will not fit within a single run.
+     *
+     * @return an {@code int} specifying the policy used to layout the tabs
      * @see #setTabLayoutPolicy
      * @since 1.4
      */
@@ -664,6 +670,7 @@
      * will automatically set the <code>selectedIndex</code> to the index
      * corresponding to the specified component.
      *
+     * @param c the selected {@code Component} for this {@code TabbedPane}
      * @exception IllegalArgumentException if component not found in tabbed
      *          pane
      * @see #getSelectedComponent
--- a/src/share/classes/javax/swing/JTable.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/JTable.java	Thu Jul 10 12:40:48 2014 -0700
@@ -865,6 +865,8 @@
     /**
      * Equivalent to <code>new JScrollPane(aTable)</code>.
      *
+     * @param aTable a {@code JTable} to be used for the scroll pane
+     * @return a {@code JScrollPane} created using {@code aTable}
      * @deprecated As of Swing version 1.0.2,
      * replaced by <code>new JScrollPane(aTable)</code>.
      */
@@ -1961,6 +1963,7 @@
      * <code>JList</code>. See the <code>setSelectionMode</code> method
      * in <code>JList</code> for details about the modes.
      *
+     * @param selectionMode the mode used by the row and column selection models
      * @see JList#setSelectionMode
      * @beaninfo
      * description: The selection mode used by the row and column selection models.
@@ -2321,6 +2324,7 @@
      * Returns true if the specified index is in the valid range of rows,
      * and the row at that index is selected.
      *
+     * @param row a row in the row model
      * @return true if <code>row</code> is a valid index and the row at
      *              that index is selected (where 0 is the first row)
      */
@@ -3174,6 +3178,8 @@
 
     /**
      * Sizes the table columns to fit the available space.
+     *
+     * @param lastColumnOnly determines whether to resize last column only
      * @deprecated As of Swing version 1.0.3,
      * replaced by <code>doLayout()</code>.
      * @see #doLayout
@@ -6692,7 +6698,7 @@
 
     // Listeners to echo changes to the AccessiblePropertyChange mechanism
 
-        /*
+        /**
          * Describes a change in the accessible table model.
          */
         protected class AccessibleJTableModelChange
@@ -6737,6 +6743,8 @@
 
         /**
          * Track changes to the table contents
+         *
+         * @param e a {@code TableModelEvent} describing the event
          */
         public void tableChanged(TableModelEvent e) {
            firePropertyChange(AccessibleContext.ACCESSIBLE_VISIBLE_DATA_PROPERTY,
@@ -6764,6 +6772,8 @@
 
         /**
          * Track changes to the table contents (row insertions)
+         *
+         * @param e a {@code TableModelEvent} describing the event
          */
         public void tableRowsInserted(TableModelEvent e) {
            firePropertyChange(AccessibleContext.ACCESSIBLE_VISIBLE_DATA_PROPERTY,
@@ -6789,6 +6799,8 @@
 
         /**
          * Track changes to the table contents (row deletions)
+         *
+         * @param e a {@code TableModelEvent} describing the event
          */
         public void tableRowsDeleted(TableModelEvent e) {
            firePropertyChange(AccessibleContext.ACCESSIBLE_VISIBLE_DATA_PROPERTY,
@@ -7922,6 +7934,11 @@
 
             /**
              *  Constructs an <code>AccessibleJTableHeaderEntry</code>.
+             *
+             * @param t a {@code JTable}
+             * @param r an {@code int} specifying a row
+             * @param c an {@code int} specifying a column
+             * @param i an {@code int} specifying the index to this cell
              * @since 1.4
              */
             public AccessibleJTableCell(JTable t, int r, int c, int i) {
--- a/src/share/classes/javax/swing/MenuElement.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/MenuElement.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,7 +29,7 @@
 
 /**
  * Any component that can be placed into a menu should implement this interface.
- * This interface is used by <code>MenuSelectionManager</code>
+ * This interface is used by {@code MenuSelectionManager}
  * to handle selection and navigation in menu hierarchies.
  *
  * @author Arnaud Weber
@@ -39,46 +39,56 @@
 public interface MenuElement {
 
     /**
-     * Processes a mouse event. <code>event</code> is a <code>MouseEvent</code>
-     * with source being the receiving element's component.
-     * <code>path</code> is the path of the receiving element in the menu
-     * hierarchy including the receiving element itself.
-     * <code>manager</code> is the <code>MenuSelectionManager</code>
-     * for the menu hierarchy.
-     * This method should process the <code>MouseEvent</code> and change
-     * the menu selection if necessary
-     * by using <code>MenuSelectionManager</code>'s API
-     * Note: you do not have to forward the event to sub-components.
-     * This is done automatically by the <code>MenuSelectionManager</code>.
+     * Processes a mouse event. {@code event} is a {@code MouseEvent} with
+     * source being the receiving element's component. {@code path} is the
+     * path of the receiving element in the menu hierarchy including the
+     * receiving element itself. {@code manager} is the
+     * {@code MenuSelectionManager}for the menu hierarchy. This method should
+     * process the {@code MouseEvent} and change the menu selection if necessary
+     * by using {@code MenuSelectionManager}'s API Note: you do not have to
+     * forward the event to sub-components. This is done automatically by the
+     * {@code MenuSelectionManager}.
+     *
+     * @param event a {@code MouseEvent} to be processed
+     * @param path the path of the receiving element in the menu hierarchy
+     * @param manager the {@code MenuSelectionManager} for the menu hierarchy
      */
-    public void processMouseEvent(MouseEvent event,MenuElement path[],MenuSelectionManager manager);
+    public void processMouseEvent(MouseEvent event, MenuElement path[], MenuSelectionManager manager);
 
 
     /**
      *  Process a key event.
+     *
+     * @param event a {@code KeyEvent} to be processed
+     * @param path the path of the receiving element in the menu hierarchy
+     * @param manager the {@code MenuSelectionManager} for the menu hierarchy
      */
-    public void processKeyEvent(KeyEvent event,MenuElement path[],MenuSelectionManager manager);
+    public void processKeyEvent(KeyEvent event, MenuElement path[], MenuSelectionManager manager);
 
     /**
-     * Call by the <code>MenuSelectionManager</code> when the
-     * <code>MenuElement</code> is added or remove from
-     * the menu selection.
+     * Call by the {@code MenuSelectionManager} when the {@code MenuElement} is
+     * added or removed from the menu selection.
+     *
+     * @param isIncluded can be used to indicate if this {@code MenuElement} is
+     *        active (if it is a menu) or is on the part of the menu path that
+     *        changed (if it is a menu item).
      */
     public void menuSelectionChanged(boolean isIncluded);
 
     /**
-     * This method should return an array containing the sub-elements for the receiving menu element
+     * This method should return an array containing the sub-elements for the
+     * receiving menu element.
      *
-     * @return an array of MenuElements
+     * @return an array of {@code MenuElement}s
      */
     public MenuElement[] getSubElements();
 
     /**
-     * This method should return the java.awt.Component used to paint the receiving element.
-     * The returned component will be used to convert events and detect if an event is inside
-     * a MenuElement's component.
+     * This method should return the {@code java.awt.Component} used to paint the
+     * receiving element. The returned component will be used to convert events
+     * and detect if an event is inside a {@code MenuElement}'s component.
      *
-     * @return the Component value
+     * @return the {@code Component} value
      */
     public Component getComponent();
 }
--- a/src/share/classes/javax/swing/MenuSelectionManager.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/MenuSelectionManager.java	Thu Jul 10 12:40:48 2014 -0700
@@ -80,6 +80,7 @@
      * generated is always "this".
      */
     protected transient ChangeEvent changeEvent = null;
+    /** The collection of registered listeners */
     protected EventListenerList listenerList = new EventListenerList();
 
     /**
@@ -477,7 +478,11 @@
     }
 
     /**
-     * Return true if c is part of the currently used menu
+     * Return true if {@code c} is part of the currently used menu
+     *
+     * @param c a {@code Component}
+     * @return true if {@code c} is part of the currently used menu,
+     *         false otherwise
      */
     public boolean isComponentPartOfCurrentMenu(Component c) {
         if(selection.size() > 0) {
--- a/src/share/classes/javax/swing/RowFilter.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/RowFilter.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -159,6 +159,8 @@
      * {@link java.util.regex.Pattern} for a complete description of
      * the supported regular-expression constructs.
      *
+     * @param <M> the type of the model to which the {@code RowFilter} applies
+     * @param <I> the type of the identifier passed to the {@code RowFilter}
      * @param regex the regular expression to filter on
      * @param indices the indices of the values to check.  If not supplied all
      *               values are evaluated
@@ -186,6 +188,8 @@
      *   RowFilter.dateFilter(ComparisonType.AFTER, new Date());
      * </pre>
      *
+     * @param <M> the type of the model to which the {@code RowFilter} applies
+     * @param <I> the type of the identifier passed to the {@code RowFilter}
      * @param type the type of comparison to perform
      * @param date the date to compare against
      * @param indices the indices of the values to check.  If not supplied all
@@ -214,7 +218,10 @@
      *   RowFilter.numberFilter(ComparisonType.EQUAL, 10);
      * </pre>
      *
+     * @param <M> the type of the model to which the {@code RowFilter} applies
+     * @param <I> the type of the identifier passed to the {@code RowFilter}
      * @param type the type of comparison to perform
+     * @param number a {@code Number} value to compare against
      * @param indices the indices of the values to check.  If not supplied all
      *               values are evaluated
      * @return a <code>RowFilter</code> implementing the specified criteria
@@ -241,6 +248,8 @@
      *   RowFilter&lt;Object,Object&gt; fooBarFilter = RowFilter.orFilter(filters);
      * </pre>
      *
+     * @param <M> the type of the model to which the {@code RowFilter} applies
+     * @param <I> the type of the identifier passed to the {@code RowFilter}
      * @param filters the <code>RowFilter</code>s to test
      * @throws IllegalArgumentException if any of the filters
      *         are <code>null</code>
@@ -267,6 +276,8 @@
      *   RowFilter&lt;Object,Object&gt; fooBarFilter = RowFilter.andFilter(filters);
      * </pre>
      *
+     * @param <M> the type of the model the {@code RowFilter} applies to
+     * @param <I> the type of the identifier passed to the {@code RowFilter}
      * @param filters the <code>RowFilter</code>s to test
      * @return a <code>RowFilter</code> implementing the specified criteria
      * @throws IllegalArgumentException if any of the filters
@@ -283,6 +294,8 @@
      * Returns a <code>RowFilter</code> that includes entries if the
      * supplied filter does not include the entry.
      *
+     * @param <M> the type of the model to which the {@code RowFilter} applies
+     * @param <I> the type of the identifier passed to the {@code RowFilter}
      * @param filter the <code>RowFilter</code> to negate
      * @return a <code>RowFilter</code> implementing the specified criteria
      * @throws IllegalArgumentException if <code>filter</code> is
--- a/src/share/classes/javax/swing/SortingFocusTraversalPolicy.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/SortingFocusTraversalPolicy.java	Thu Jul 10 12:40:48 2014 -0700
@@ -100,6 +100,8 @@
 
     /**
      * Constructs a SortingFocusTraversalPolicy with the specified Comparator.
+     *
+     * @param comparator the {@code Comparator} to sort by
      */
     public SortingFocusTraversalPolicy(Comparator<? super Component> comparator) {
         this.comparator = comparator;
--- a/src/share/classes/javax/swing/Spring.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/Spring.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -547,9 +547,10 @@
 
 
     /**
-     * Returns <code>-s</code>: a spring running in the opposite direction to <code>s</code>.
+     * Returns {@code -s}: a spring running in the opposite direction to {@code s}.
      *
-     * @return <code>-s</code>: a spring running in the opposite direction to <code>s</code>
+     * @param s a {@code Spring} object
+     * @return {@code -s}: a spring running in the opposite direction to {@code s}
      *
      * @see Spring
      */
@@ -582,6 +583,8 @@
      * the <em>value</em>s of <code>s1</code> and <code>s2</code> is exactly equal to
      * the <em>value</em> of <code>s3</code>.
      *
+     * @param s1 a {@code Spring} object
+     * @param s2 a {@code Spring} object
      * @return <code>s1+s2</code>: a spring representing <code>s1</code> and <code>s2</code> in series
      *
      * @see Spring
@@ -591,11 +594,13 @@
      }
 
     /**
-     * Returns <code>max(s1, s2)</code>: a spring whose value is always greater than (or equal to)
-     *         the values of both <code>s1</code> and <code>s2</code>.
+     * Returns {@code max(s1, s2)}: a spring whose value is always greater than (or equal to)
+     *         the values of both {@code s1} and {@code s2}.
      *
-     * @return <code>max(s1, s2)</code>: a spring whose value is always greater than (or equal to)
-     *         the values of both <code>s1</code> and <code>s2</code>
+     * @param s1 a {@code Spring} object
+     * @param s2 a {@code Spring} object
+     * @return {@code max(s1, s2)}: a spring whose value is always greater than (or equal to)
+     *         the values of both {@code s1} and {@code s2}
      * @see Spring
      */
     public static Spring max(Spring s1, Spring s2) {
--- a/src/share/classes/javax/swing/UIManager.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/javax/swing/UIManager.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1107,6 +1107,8 @@
      * UI class is created or when the default look and feel is changed
      * on a component instance.
      * <p>Note these are not the same as the installed look and feels.
+     *
+     * @param laf the {@code LookAndFeel} to be removed
      * @return true if the <code>LookAndFeel</code> was removed from the list
      * @see #removeAuxiliaryLookAndFeel
      * @see #getAuxiliaryLookAndFeels
--- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java	Thu Jul 10 12:40:48 2014 -0700
@@ -221,8 +221,17 @@
         }
 
         OutputStream os = new UnsyncBufferedOutputStream(bos);
+
+        DOMSubTreeData subTree = new DOMSubTreeData(localSiElem, true);
         try {
-            os.close();
+            ((DOMCanonicalizationMethod)
+                canonicalizationMethod).canonicalize(subTree, context, os);
+        } catch (TransformException te) {
+            throw new XMLSignatureException(te);
+        }
+
+        try {
+            os.flush();
         } catch (IOException e) {
             if (log.isLoggable(java.util.logging.Level.FINE)) {
                 log.log(java.util.logging.Level.FINE, e.getMessage(), e);
@@ -230,15 +239,6 @@
             // Impossible
         }
 
-        DOMSubTreeData subTree = new DOMSubTreeData(localSiElem, true);
-
-        try {
-            ((DOMCanonicalizationMethod)
-                canonicalizationMethod).canonicalize(subTree, context, bos);
-        } catch (TransformException te) {
-            throw new XMLSignatureException(te);
-        }
-
         byte[] signedInfoBytes = bos.toByteArray();
 
         // this whole block should only be done if logging is enabled
@@ -253,6 +253,15 @@
         }
 
         this.canonData = new ByteArrayInputStream(signedInfoBytes);
+
+        try {
+            os.close();
+        } catch (IOException e) {
+            if (log.isLoggable(java.util.logging.Level.FINE)) {
+                log.log(java.util.logging.Level.FINE, e.getMessage(), e);
+            }
+            // Impossible
+        }
     }
 
     public void marshal(Node parent, String dsPrefix, DOMCryptoContext context)
--- a/src/share/classes/sun/jvmstat/monitor/event/MonitorStatusChangeEvent.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/monitor/event/MonitorStatusChangeEvent.java	Thu Jul 10 12:40:48 2014 -0700
@@ -27,6 +27,7 @@
 
 import java.util.List;
 import sun.jvmstat.monitor.MonitoredVm;
+import sun.jvmstat.monitor.Monitor;
 
 /**
  * Provides a description of a change in status of the instrumentation
@@ -42,13 +43,13 @@
      * List of instrumentation objects inserted since the last event.
      * Elements of this list will always be of type Monitor.
      */
-    protected List inserted;
+    protected List<Monitor> inserted;
 
     /**
      * List of instrumentation objects removed since the last event.
      * Elements of this list will always be of type Monitor.
      */
-    protected List removed;
+    protected List<Monitor> removed;
 
     /**
      * Construct a new MonitorStatusChangeEvent.
@@ -59,8 +60,8 @@
      * @param removed the list of instrumentation objects removed since
      *                the last event.
      */
-    public MonitorStatusChangeEvent(MonitoredVm vm, List inserted,
-                                    List removed) {
+    public MonitorStatusChangeEvent(MonitoredVm vm, List<Monitor> inserted,
+                                    List<Monitor> removed) {
         super(vm);
         this.inserted = inserted;
         this.removed = removed;
@@ -75,7 +76,7 @@
      *                new instrumentation was inserted, an emply List is
      *                returned.
      */
-    public List getInserted() {
+    public List<Monitor> getInserted() {
         return inserted;
     }
 
@@ -87,7 +88,7 @@
      *                instrumentation exported by the MonitoredHost. If no
      *                instrumentation was removed, an emply List is returned.
      */
-    public List getRemoved() {
+    public List<Monitor> getRemoved() {
         return removed;
     }
 }
--- a/src/share/classes/sun/jvmstat/monitor/event/VmStatusChangeEvent.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/monitor/event/VmStatusChangeEvent.java	Thu Jul 10 12:40:48 2014 -0700
@@ -44,7 +44,7 @@
      * active Java Virtual Machine on the MonitoredHost. This Set will only
      * contain Integer objects.
      */
-    protected Set active;
+    protected Set<Integer> active;
 
     /**
      * The set of Java Virtual Machines started on MonitoredHost since the
@@ -52,7 +52,7 @@
      * <em>lvmid</em> for each Java Virtual Machine started on the
      * MonitoredHost. This Set will only contain Integer objects.
      */
-    protected Set started;
+    protected Set<Integer> started;
 
     /**
      * The set of Java Virtual Machines terminated on MonitoredHost since the
@@ -60,7 +60,7 @@
      * <em>lvmid</em> for each Java Virtual Machine started on the
      * MonitoredHost. This Set will only contain Integer objects.
      */
-    protected Set terminated;
+    protected Set<Integer> terminated;
 
     /**
      * Construct a new VmStatusChangeEvent instance.
@@ -72,8 +72,8 @@
      * @param terminated the set of Java Virtual Machines terminated since
      *                   the last event.
      */
-    public VmStatusChangeEvent(MonitoredHost host, Set active,
-                               Set started, Set terminated) {
+    public VmStatusChangeEvent(MonitoredHost host, Set<Integer> active,
+                               Set<Integer> started, Set<Integer> terminated) {
         super(host);
         this.active = active;
         this.started = started;
@@ -90,7 +90,7 @@
      *               there are no active Java Virtual Machines on the host,
      *               an empty Set is returned.
      */
-    public Set getActive() {
+    public Set<Integer> getActive() {
         return active;
     }
 
@@ -105,7 +105,7 @@
      *               no Java Virtual Machines were recently started on the
      *               host, an empty Set is returned.
      */
-    public Set getStarted() {
+    public Set<Integer> getStarted() {
         return started;
     }
 
@@ -120,7 +120,7 @@
      *               no Java Virtual Machines were recently terminated on the
      *               host, an empty Set is returned.
      */
-    public Set getTerminated() {
+    public Set<Integer> getTerminated() {
         return terminated;
     }
 }
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/AbstractPerfDataBuffer.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/AbstractPerfDataBuffer.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -169,7 +169,7 @@
 
         try {
             Class<?> implClass = Class.forName(classname);
-            Constructor cons = implClass.getConstructor(new Class[] {
+            Constructor<?> cons = implClass.getConstructor(new Class<?>[] {
                     Class.forName("java.nio.ByteBuffer"),
                     Integer.TYPE
             });
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/MonitorStatus.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/MonitorStatus.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
 package sun.jvmstat.perfdata.monitor;
 
 import java.util.List;
+import sun.jvmstat.monitor.Monitor;
 
 /**
  * Immutable class containing the list of inserted and deleted
@@ -39,12 +40,12 @@
     /**
      * The list of Monitors inserted since the last query.
      */
-    protected List inserted;
+    protected List<Monitor> inserted;
 
     /**
      * The list of Monitors removed since the last query.
      */
-    protected List removed;
+    protected List<Monitor> removed;
 
     /**
      * Create a MonitorStatus instance.
@@ -52,7 +53,7 @@
      * @param inserted the list of Monitors inserted
      * @param removed the list of Monitors removed
      */
-    public MonitorStatus(List inserted, List removed) {
+    public MonitorStatus(List<Monitor> inserted, List<Monitor> removed) {
         this.inserted = inserted;
         this.removed = removed;
     }
@@ -62,7 +63,7 @@
      *
      * @return List - the List of Monitor objects inserted or an empty List.
      */
-    public List getInserted() {
+    public List<Monitor> getInserted() {
         return inserted;
     }
 
@@ -71,7 +72,7 @@
      *
      * @return List - the List of Monitor objects removed or an empty List.
      */
-    public List getRemoved() {
+    public List<Monitor> getRemoved() {
         return removed;
     }
 }
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/PerfDataBufferImpl.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/PerfDataBufferImpl.java	Thu Jul 10 12:40:48 2014 -0700
@@ -66,7 +66,7 @@
     /**
      * A cache of resolved monitor aliases.
      */
-    protected Map aliasCache;
+    protected Map<String, Monitor> aliasCache;
 
 
     /**
@@ -79,9 +79,9 @@
     protected PerfDataBufferImpl(ByteBuffer buffer, int lvmid) {
         this.buffer = buffer;
         this.lvmid = lvmid;
-        this.monitors = new TreeMap<String, Monitor>();
-        this.aliasMap = new HashMap<String, ArrayList<String>>();
-        this.aliasCache = new HashMap();
+        this.monitors = new TreeMap<>();
+        this.aliasMap = new HashMap<>();
+        this.aliasCache = new HashMap<>();
     }
 
     /**
@@ -200,12 +200,12 @@
     protected Monitor findByAlias(String name) {
         assert Thread.holdsLock(this);
 
-        Monitor  m = (Monitor)aliasCache.get(name);
+        Monitor  m = aliasCache.get(name);
         if (m == null) {
-            ArrayList al = aliasMap.get(name);
+            ArrayList<String> al = aliasMap.get(name);
             if (al != null) {
-                for (Iterator i = al.iterator(); i.hasNext() && m == null; ) {
-                    String alias = (String)i.next();
+                for (Iterator<String> i = al.iterator(); i.hasNext() && m == null; ) {
+                    String alias = i.next();
                     m = monitors.get(alias);
                 }
             }
@@ -287,21 +287,21 @@
 
         Pattern pattern = Pattern.compile(patternString);
         Matcher matcher = pattern.matcher("");
-        List<Monitor> matches = new ArrayList<Monitor>();
+        List<Monitor> matches = new ArrayList<>();
 
-        Set monitorSet = monitors.entrySet();
+        Set<Map.Entry<String,Monitor>> monitorSet = monitors.entrySet();
 
-        for (Iterator i = monitorSet.iterator(); i.hasNext(); /* empty */) {
-            Map.Entry me = (Map.Entry)i.next();
-            String name = (String)me.getKey();
-            Monitor m = (Monitor)me.getValue();
+        for (Iterator<Map.Entry<String, Monitor>> i = monitorSet.iterator(); i.hasNext(); /* empty */) {
+            Map.Entry<String, Monitor> me = i.next();
+            String name = me.getKey();
+            Monitor m = me.getValue();
 
             // apply pattern to monitor item name
             matcher.reset(name);
 
             // if the pattern matches, then add monitor to list
             if (matcher.lookingAt()) {
-                 matches.add((Monitor)me.getValue());
+                 matches.add(me.getValue());
             }
         }
         return matches;
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/LocalMonitoredVm.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/LocalMonitoredVm.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -143,16 +143,17 @@
      * @param inserted List of Monitor objects inserted.
      * @param removed List of Monitor objects removed.
      */
-    void fireMonitorStatusChangedEvents(List inserted, List removed) {
+    @SuppressWarnings("unchecked") // Cast of result of clone
+    void fireMonitorStatusChangedEvents(List<Monitor> inserted, List<Monitor> removed) {
         MonitorStatusChangeEvent ev = null;
-        ArrayList registered = null;
+        ArrayList<VmListener> registered = null;
 
         synchronized (listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            VmListener l = (VmListener)i.next();
+        for (Iterator<VmListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            VmListener l = i.next();
             // lazily create the event object;
             if (ev == null) {
                 ev = new MonitorStatusChangeEvent(this, inserted, removed);
@@ -190,8 +191,8 @@
             super.run();
             try {
                 MonitorStatus status = getMonitorStatus();
-                List inserted = status.getInserted();
-                List removed = status.getRemoved();
+                List<Monitor> inserted = status.getInserted();
+                List<Monitor> removed = status.getRemoved();
 
                 if (!inserted.isEmpty() || !removed.isEmpty()) {
                     fireMonitorStatusChangedEvents(inserted, removed);
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/MonitoredHostProvider.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/MonitoredHostProvider.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -160,17 +160,18 @@
      * @param terminated a set of Integer objects containing the vmid of
      *                   terminated Vms since last interval.
      */
-    private void fireVmStatusChangedEvents(Set active, Set started,
-                                           Set terminated) {
-        ArrayList registered = null;
+    @SuppressWarnings("unchecked") // Cast of result of clone
+    private void fireVmStatusChangedEvents(Set<Integer> active, Set<Integer> started,
+                                           Set<Integer> terminated) {
+        ArrayList<HostListener> registered = null;
         VmStatusChangeEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            HostListener l = (HostListener)i.next();
+        for (Iterator<HostListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            HostListener l = i.next();
             if (ev == null) {
                 ev = new VmStatusChangeEvent(this, active, started, terminated);
             }
@@ -186,7 +187,7 @@
             super.run();
 
             // save the last set of active JVMs
-            Set lastActiveVms = activeVms;
+            Set<Integer> lastActiveVms = activeVms;
 
             // get the current set of active JVMs
             activeVms = (HashSet<Integer>)vmManager.activeVms();
@@ -194,20 +195,20 @@
             if (activeVms.isEmpty()) {
                 return;
             }
-            Set<Integer> startedVms = new HashSet<Integer>();
-            Set<Object> terminatedVms = new HashSet<Object>();
+            Set<Integer> startedVms = new HashSet<>();
+            Set<Integer> terminatedVms = new HashSet<>();
 
-            for (Iterator i = activeVms.iterator(); i.hasNext(); /* empty */) {
-                Integer vmid = (Integer)i.next();
+            for (Iterator<Integer> i = activeVms.iterator(); i.hasNext(); /* empty */) {
+                Integer vmid = i.next();
                 if (!lastActiveVms.contains(vmid)) {
                     // a new file has been detected, add to set
                     startedVms.add(vmid);
                 }
             }
 
-            for (Iterator i = lastActiveVms.iterator(); i.hasNext();
+            for (Iterator<Integer> i = lastActiveVms.iterator(); i.hasNext();
                     /* empty */) {
-                Object o = i.next();
+                Integer o = i.next();
                 if (!activeVms.contains(o)) {
                     // JVM has terminated, remove it from the active list
                     terminatedVms.add(o);
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/MonitoredHostProvider.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/MonitoredHostProvider.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -246,17 +246,18 @@
      *                   Vm Identifiers of terminated JVMs since last
      *                   interval.
      */
-    private void fireVmStatusChangedEvents(Set active, Set started,
-                                           Set terminated) {
-        ArrayList registered = null;
+    @SuppressWarnings("unchecked") // Cast of result of clone
+    private void fireVmStatusChangedEvents(Set<Integer> active, Set<Integer> started,
+                                           Set<Integer> terminated) {
+        ArrayList<HostListener> registered = null;
         VmStatusChangeEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            HostListener l = (HostListener)i.next();
+        for (Iterator<HostListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            HostListener l = i.next();
             if (ev == null) {
                 ev = new VmStatusChangeEvent(this, active, started, terminated);
             }
@@ -267,16 +268,17 @@
     /**
      * Fire hostDisconnectEvent events.
      */
+    @SuppressWarnings("unchecked") // Cast of result of clone
     void fireDisconnectedEvents() {
-        ArrayList registered = null;
+        ArrayList<HostListener> registered = null;
         HostEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            HostListener l = (HostListener)i.next();
+        for (Iterator<HostListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            HostListener l = i.next();
             if (ev == null) {
                 ev = new HostEvent(this);
             }
@@ -292,7 +294,7 @@
             super.run();
 
             // save the last set of active JVMs
-            Set lastActiveVms = activeVms;
+            Set<Integer> lastActiveVms = activeVms;
 
             try {
                 // get the current set of active JVMs
@@ -313,20 +315,20 @@
                 return;
             }
 
-            Set<Integer> startedVms = new HashSet<Integer>();
-            Set<Object> terminatedVms = new HashSet<Object>();
+            Set<Integer> startedVms = new HashSet<>();
+            Set<Integer> terminatedVms = new HashSet<>();
 
-            for (Iterator i = activeVms.iterator(); i.hasNext(); /* empty */ ) {
-                Integer vmid = (Integer)i.next();
+            for (Iterator<Integer> i = activeVms.iterator(); i.hasNext(); /* empty */ ) {
+                Integer vmid = i.next();
                 if (!lastActiveVms.contains(vmid)) {
                     // a new file has been detected, add to set
                     startedVms.add(vmid);
                 }
             }
 
-            for (Iterator i = lastActiveVms.iterator(); i.hasNext();
+            for (Iterator<Integer> i = lastActiveVms.iterator(); i.hasNext();
                     /* empty */ ) {
-                Object o = i.next();
+                Integer o = i.next();
                 if (!activeVms.contains(o)) {
                     // JVM has terminated, remove it from the active list
                     terminatedVms.add(o);
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/RemoteMonitoredVm.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/RemoteMonitoredVm.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -198,16 +198,17 @@
      * @param inserted List of Monitor objects inserted.
      * @param removed List of Monitor objects removed.
      */
-    void fireMonitorStatusChangedEvents(List inserted, List removed) {
-        ArrayList registered = null;
+    @SuppressWarnings("unchecked") // Cast of result of clone
+    void fireMonitorStatusChangedEvents(List<Monitor> inserted, List<Monitor> removed) {
+        ArrayList<VmListener> registered = null;
         MonitorStatusChangeEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            VmListener l = (VmListener)i.next();
+        for (Iterator<VmListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            VmListener l = i.next();
             if (ev == null) {
                 ev = new MonitorStatusChangeEvent(this, inserted, removed);
             }
@@ -218,16 +219,17 @@
     /**
      * Fire MonitoredVmStructureChanged events.
      */
+    @SuppressWarnings("unchecked") // Cast of result of clone
     void fireMonitorsUpdatedEvents() {
-        ArrayList registered = null;
+        ArrayList<VmListener> registered = null;
         VmEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            VmListener l = (VmListener)i.next();
+        for (Iterator<VmListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            VmListener l = i.next();
             if (ev == null) {
                 ev = new VmEvent(this);
             }
@@ -256,8 +258,8 @@
             try {
                 MonitorStatus status = getMonitorStatus();
 
-                List inserted = status.getInserted();
-                List removed = status.getRemoved();
+                List<Monitor> inserted = status.getInserted();
+                List<Monitor> removed = status.getRemoved();
 
                 if (!inserted.isEmpty() || !removed.isEmpty()) {
                     fireMonitorStatusChangedEvents(inserted, removed);
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/v1_0/PerfDataBuffer.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/v1_0/PerfDataBuffer.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -47,7 +47,7 @@
     private static final boolean DEBUG = false;
     private static final int syncWaitMs =
             Integer.getInteger("sun.jvmstat.perdata.syncWaitMs", 5000);
-    private static final ArrayList EMPTY_LIST = new ArrayList(0);
+    private static final ArrayList<Monitor> EMPTY_LIST = new ArrayList<Monitor>(0);
 
     /*
      * the following constants must be kept in sync with struct
@@ -190,8 +190,8 @@
         getNewMonitors(map);
 
         // current implementation doesn't support deletion or reuse of entries
-        ArrayList removed = EMPTY_LIST;
-        ArrayList inserted = insertedMonitors;
+        ArrayList<Monitor> removed = EMPTY_LIST;
+        ArrayList<Monitor> inserted = insertedMonitors;
 
         insertedMonitors = new ArrayList<Monitor>();
         return new MonitorStatus(inserted, removed);
@@ -618,14 +618,14 @@
     /**
      * Method to dump debugging information
      */
-    private void dumpAll(Map map, int lvmid) {
+    private void dumpAll(Map<String, Monitor> map, int lvmid) {
         if (DEBUG) {
-            Set keys = map.keySet();
+            Set<String> keys = map.keySet();
 
             System.err.println("Dump for " + lvmid);
             int j = 0;
-            for (Iterator i = keys.iterator(); i.hasNext(); j++) {
-                Monitor monitor = (Monitor)map.get(i.next());
+            for (Iterator<String> i = keys.iterator(); i.hasNext(); j++) {
+                Monitor monitor = map.get(i.next());
                 System.err.println(j + "\t" + monitor.getName()
                                    + "=" + monitor.getValue());
             }
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/v2_0/PerfDataBuffer.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/v2_0/PerfDataBuffer.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -65,7 +65,7 @@
     private static final boolean DEBUG = false;
     private static final int syncWaitMs =
             Integer.getInteger("sun.jvmstat.perdata.syncWaitMs", 5000);
-    private static final ArrayList EMPTY_LIST = new ArrayList(0);
+    private static final ArrayList<Monitor> EMPTY_LIST = new ArrayList<>(0);
 
     /*
      * These are primarily for documentary purposes and the match up
@@ -198,10 +198,10 @@
         getNewMonitors(map);
 
         // current implementation doesn't support deletion of reuse of entries
-        ArrayList removed = EMPTY_LIST;
-        ArrayList inserted = insertedMonitors;
+        ArrayList<Monitor> removed = EMPTY_LIST;
+        ArrayList<Monitor> inserted = insertedMonitors;
 
-        insertedMonitors = new ArrayList<Monitor>();
+        insertedMonitors = new ArrayList<>();
         return new MonitorStatus(inserted, removed);
     }
 
@@ -524,7 +524,7 @@
 
             System.err.println("Dump for " + lvmid);
             int j = 0;
-            for (Iterator i = keys.iterator(); i.hasNext(); j++) {
+            for (Iterator<String> i = keys.iterator(); i.hasNext(); j++) {
                 Monitor monitor = map.get(i.next());
                 System.err.println(j + "\t" + monitor.getName()
                                    + "=" + monitor.getValue());
--- a/src/share/classes/sun/management/DiagnosticCommandImpl.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/management/DiagnosticCommandImpl.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -84,10 +84,10 @@
             Exception cause = null;
             if (info.getPermissionClass() != null) {
                 try {
-                    Class c = Class.forName(info.getPermissionClass());
+                    Class<?> c = Class.forName(info.getPermissionClass());
                     if (info.getPermissionAction() == null) {
                         try {
-                            Constructor constructor = c.getConstructor(String.class);
+                            Constructor<?> constructor = c.getConstructor(String.class);
                             permission = (Permission) constructor.newInstance(info.getPermissionName());
 
                         } catch (InstantiationException | IllegalAccessException
@@ -98,7 +98,7 @@
                     }
                     if (permission == null) {
                         try {
-                            Constructor constructor = c.getConstructor(String.class, String.class);
+                            Constructor<?> constructor = c.getConstructor(String.class, String.class);
                             permission = (Permission) constructor.newInstance(
                                     info.getPermissionName(),
                                     info.getPermissionAction());
@@ -158,7 +158,7 @@
         SortedSet<MBeanOperationInfo> operations = new TreeSet<>(new OperationInfoComparator());
         Map<String, Wrapper> wrappersmap;
         if (!isSupported) {
-            wrappersmap = (Map<String, Wrapper>) Collections.EMPTY_MAP;
+            wrappersmap = Collections.emptyMap();
         } else {
             try {
                 String[] command = getDiagnosticCommands();
@@ -189,7 +189,7 @@
                     }
                 }
             } catch (IllegalArgumentException | UnsupportedOperationException e) {
-                wrappersmap = (Map<String, Wrapper>) Collections.EMPTY_MAP;
+                wrappersmap = Collections.emptyMap();
             }
         }
         wrappers =  Collections.unmodifiableMap(wrappersmap);
--- a/src/share/classes/sun/management/GarbageCollectionNotifInfoCompositeData.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/management/GarbageCollectionNotifInfoCompositeData.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -65,7 +65,7 @@
         final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
                 public GcInfoBuilder run() {
                     try {
-                        Class cl = Class.forName("com.sun.management.GcInfo");
+                        Class<?> cl = Class.forName("com.sun.management.GcInfo");
                         Field f = cl.getDeclaredField("builder");
                         f.setAccessible(true);
                         return (GcInfoBuilder)f.get(gcNotifInfo.getGcInfo());
--- a/src/share/classes/sun/management/GcInfoBuilder.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/management/GcInfoBuilder.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -98,7 +98,7 @@
 
         // First, fill with the attributes in the GcInfo
         String[] gcInfoItemNames = GcInfoCompositeData.getBaseGcInfoItemNames();
-        OpenType[] gcInfoItemTypes = GcInfoCompositeData.getBaseGcInfoItemTypes();
+        OpenType<?>[] gcInfoItemTypes = GcInfoCompositeData.getBaseGcInfoItemTypes();
         int numGcInfoItems = gcInfoItemNames.length;
 
         int itemCount = numGcInfoItems + gcExtItemCount;
--- a/src/share/classes/sun/management/GcInfoCompositeData.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/management/GcInfoCompositeData.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -72,7 +72,7 @@
         final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
                         public GcInfoBuilder run() {
                             try {
-                                Class cl = Class.forName("com.sun.management.GcInfo");
+                                Class<?> cl = Class.forName("com.sun.management.GcInfo");
                                 Field f = cl.getDeclaredField("builder");
                                 f.setAccessible(true);
                                 return (GcInfoBuilder)f.get(info);
@@ -84,7 +84,7 @@
         final Object[] extAttr = AccessController.doPrivileged (new PrivilegedAction<Object[]>() {
                         public Object[] run() {
                             try {
-                                Class cl = Class.forName("com.sun.management.GcInfo");
+                                Class<?> cl = Class.forName("com.sun.management.GcInfo");
                                 Field f = cl.getDeclaredField("extAttributes");
                                 f.setAccessible(true);
                                 return (Object[])f.get(info);
@@ -182,8 +182,8 @@
         return baseGcInfoItemNames;
     }
 
-    private static OpenType[] baseGcInfoItemTypes = null;
-    static synchronized OpenType[] getBaseGcInfoItemTypes() {
+    private static OpenType<?>[] baseGcInfoItemTypes = null;
+    static synchronized OpenType<?>[] getBaseGcInfoItemTypes() {
         if (baseGcInfoItemTypes == null) {
             OpenType<?> memoryUsageOpenType = memoryUsageMapType.getOpenType();
             baseGcInfoItemTypes = new OpenType<?>[] {
--- a/src/share/classes/sun/management/MappedMXBeanType.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/management/MappedMXBeanType.java	Thu Jul 10 12:40:48 2014 -0700
@@ -227,6 +227,7 @@
     //   Enum <-> enum's name
     //
     static class EnumMXBeanType extends MappedMXBeanType {
+        @SuppressWarnings("rawtypes")
         final Class enumClass;
         EnumMXBeanType(Class<?> c) {
             this.enumClass = c;
@@ -754,7 +755,7 @@
         }
     }
 
-    private static class InProgress extends OpenType {
+    private static class InProgress<T> extends OpenType<T> {
         private static final String description =
                   "Marker to detect recursive type use -- internal use only!";
 
@@ -783,7 +784,7 @@
     static {
         OpenType<?> t;
         try {
-            t = new InProgress();
+            t = new InProgress<>();
         } catch (OpenDataException e) {
             // Should not reach here
             throw new AssertionError(e);
@@ -791,7 +792,7 @@
         inProgress = t;
     }
 
-    private static final OpenType[] simpleTypes = {
+    private static final OpenType<?>[] simpleTypes = {
         BIGDECIMAL, BIGINTEGER, BOOLEAN, BYTE, CHARACTER, DATE,
         DOUBLE, FLOAT, INTEGER, LONG, OBJECTNAME, SHORT, STRING,
         VOID,
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/misc/JavaAWTFontAccess.java	Thu Jul 10 12:40:48 2014 -0700
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * SharedSecrets interface used for the access from java.text.Bidi
+ */
+
+package sun.misc;
+
+public interface JavaAWTFontAccess {
+
+    // java.awt.font.TextAttribute constants
+    public Object getTextAttributeConstant(String name);
+
+    // java.awt.font.NumericShaper
+    public void shape(Object shaper, char[] text, int start, int count);
+}
--- a/src/share/classes/sun/misc/SharedSecrets.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/misc/SharedSecrets.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -55,6 +55,7 @@
     private static JavaSecurityAccess javaSecurityAccess;
     private static JavaUtilZipFileAccess javaUtilZipFileAccess;
     private static JavaAWTAccess javaAWTAccess;
+    private static JavaAWTFontAccess javaAWTFontAccess;
     private static JavaBeansIntrospectorAccess javaBeansIntrospectorAccess;
 
     public static JavaUtilJarAccess javaUtilJarAccess() {
@@ -180,12 +181,19 @@
     public static JavaAWTAccess getJavaAWTAccess() {
         // this may return null in which case calling code needs to
         // provision for.
-        if (javaAWTAccess == null) {
-            return null;
-        }
         return javaAWTAccess;
     }
 
+    public static void setJavaAWTFontAccess(JavaAWTFontAccess jafa) {
+        javaAWTFontAccess = jafa;
+    }
+
+    public static JavaAWTFontAccess getJavaAWTFontAccess() {
+        // this may return null in which case calling code needs to
+        // provision for.
+        return javaAWTFontAccess;
+    }
+
     public static JavaBeansIntrospectorAccess getJavaBeansIntrospectorAccess() {
         return javaBeansIntrospectorAccess;
     }
--- a/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -900,7 +900,7 @@
     private static ObjectIdentifier mapPBEAlgorithmToOID(String algorithm)
         throws NoSuchAlgorithmException {
         // Check for PBES2 algorithms
-        if (algorithm.toLowerCase().startsWith("pbewithhmacsha")) {
+        if (algorithm.toLowerCase(Locale.ENGLISH).startsWith("pbewithhmacsha")) {
             return pbes2_OID;
         }
         return AlgorithmId.get(algorithm).getOID();
--- a/src/share/classes/sun/security/provider/ConfigFile.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/security/provider/ConfigFile.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -451,7 +451,7 @@
 
                 // controlFlag (required, optional, etc)
                 LoginModuleControlFlag controlFlag;
-                String sflag = match("controlFlag").toUpperCase();
+                String sflag = match("controlFlag").toUpperCase(Locale.ENGLISH);
                 switch (sflag) {
                     case "REQUIRED":
                         controlFlag = LoginModuleControlFlag.REQUIRED;
--- a/src/share/classes/sun/security/provider/PolicyParser.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/security/provider/PolicyParser.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -707,7 +707,7 @@
             } catch (PropertyExpander.ExpandException peee) {
                 throw new IOException(peee.getLocalizedMessage());
             }
-            properties.put(key.toLowerCase(), value);
+            properties.put(key.toLowerCase(Locale.ENGLISH), value);
         }
 
         return properties;
--- a/src/share/classes/sun/security/tools/keytool/Main.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/security/tools/keytool/Main.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1540,7 +1540,7 @@
         boolean useDefaultPBEAlgorithm = true;
         SecretKey secKey = null;
 
-        if (keyAlgName.toUpperCase().startsWith("PBE")) {
+        if (keyAlgName.toUpperCase(Locale.ENGLISH).startsWith("PBE")) {
             SecretKeyFactory factory = SecretKeyFactory.getInstance("PBE");
 
             // User is prompted for PBE credential
--- a/src/share/classes/sun/text/bidi/BidiBase.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/classes/sun/text/bidi/BidiBase.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -54,13 +54,12 @@
 
 import java.io.IOException;
 import java.lang.reflect.Array;
-import java.lang.reflect.Field;
-import java.lang.reflect.Method;
-import java.lang.reflect.InvocationTargetException;
 import java.text.AttributedCharacterIterator;
 import java.text.Bidi;
 import java.util.Arrays;
 import java.util.MissingResourceException;
+import sun.misc.JavaAWTFontAccess;
+import sun.misc.SharedSecrets;
 import sun.text.normalizer.UBiDiProps;
 import sun.text.normalizer.UCharacter;
 import sun.text.normalizer.UTF16;
@@ -3446,7 +3445,13 @@
      * java.awt.font.TextAttribute without creating a static dependency.
      */
     private static class TextAttributeConstants {
-        private static final Class<?> clazz = getClass("java.awt.font.TextAttribute");
+        // Make sure to load the AWT's TextAttribute class before using the constants, if any.
+        static {
+            try {
+                Class.forName("java.awt.font.TextAttribute", true, null);
+            } catch (ClassNotFoundException e) {}
+        }
+        static final JavaAWTFontAccess jafa = SharedSecrets.getJavaAWTFontAccess();
 
         /**
          * TextAttribute instances (or a fake Attribute type if
@@ -3462,88 +3467,41 @@
         /**
          * TextAttribute.RUN_DIRECTION_LTR
          */
-        static final Boolean RUN_DIRECTION_LTR = (clazz == null) ?
-            Boolean.FALSE : (Boolean)getStaticField(clazz, "RUN_DIRECTION_LTR");
-
-
-        private static Class<?> getClass(String name) {
-            try {
-                return Class.forName(name, true, null);
-            } catch (ClassNotFoundException e) {
-                return null;
-            }
-        }
-
-        private static Object getStaticField(Class<?> clazz, String name) {
-            try {
-                Field f = clazz.getField(name);
-                return f.get(null);
-            } catch (NoSuchFieldException | IllegalAccessException x) {
-                throw new AssertionError(x);
-            }
-        }
+        static final Boolean RUN_DIRECTION_LTR = (jafa == null) ?
+            Boolean.FALSE : (Boolean)jafa.getTextAttributeConstant("RUN_DIRECTION_LTR");
 
         @SuppressWarnings("serial")
         private static AttributedCharacterIterator.Attribute
             getTextAttribute(String name)
         {
-            if (clazz == null) {
+            if (jafa == null) {
                 // fake attribute
                 return new AttributedCharacterIterator.Attribute(name) { };
             } else {
-                return (AttributedCharacterIterator.Attribute)getStaticField(clazz, name);
+                return (AttributedCharacterIterator.Attribute)jafa.getTextAttributeConstant(name);
             }
         }
     }
 
     /**
-     * A class that provides access to java.awt.font.NumericShaping without
+     * A class that provides access to java.awt.font.NumericShaper without
      * creating a static dependency.
      */
     private static class NumericShapings {
-        private static final Class<?> clazz =
-            getClass("java.awt.font.NumericShaper");
-        private static final Method shapeMethod =
-            getMethod(clazz, "shape", char[].class, int.class, int.class);
-
-        private static Class<?> getClass(String name) {
+        // Make sure to load the AWT's NumericShaper class before calling shape, if any.
+        static {
             try {
-                return Class.forName(name, true, null);
-            } catch (ClassNotFoundException e) {
-                return null;
-            }
+                Class.forName("java.awt.font.NumericShaper", true, null);
+            } catch (ClassNotFoundException e) {}
         }
-
-        private static Method getMethod(Class<?> clazz,
-                                        String name,
-                                        Class<?>... paramTypes)
-        {
-            if (clazz != null) {
-                try {
-                    return clazz.getMethod(name, paramTypes);
-                } catch (NoSuchMethodException e) {
-                    throw new AssertionError(e);
-                }
-            } else {
-                return null;
-            }
-        }
+        static final JavaAWTFontAccess jafa = SharedSecrets.getJavaAWTFontAccess();
 
         /**
          * Invokes NumericShaping shape(text,start,count) method.
          */
         static void shape(Object shaper, char[] text, int start, int count) {
-            if (shapeMethod == null)
-                throw new AssertionError("Should not get here");
-            try {
-                shapeMethod.invoke(shaper, text, start, count);
-            } catch (InvocationTargetException e) {
-                Throwable cause = e.getCause();
-                if (cause instanceof RuntimeException)
-                    throw (RuntimeException)cause;
-                throw new AssertionError(e);
-            } catch (IllegalAccessException iae) {
-                throw new AssertionError(iae);
+            if (jafa != null) {
+                jafa.shape(shaper, text, start, count);
             }
         }
     }
--- a/src/share/javavm/export/jvm.h	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/javavm/export/jvm.h	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -426,9 +426,6 @@
 JNIEXPORT jobjectArray JNICALL
 JVM_GetClassInterfaces(JNIEnv *env, jclass cls);
 
-JNIEXPORT jobject JNICALL
-JVM_GetClassLoader(JNIEnv *env, jclass cls);
-
 JNIEXPORT jboolean JNICALL
 JVM_IsInterface(JNIEnv *env, jclass cls);
 
--- a/src/share/lib/security/BlacklistedCertsConverter.java	Thu Jul 10 12:13:26 2014 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,89 +0,0 @@
-/*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-
-/**
- * This is the tool to convert blacklisted.certs.pem to blacklisted.certs.
- * Every time a new blacklisted certs is added, please append the PEM format
- * to the end of blacklisted.certs.pem (with proper comments) and then use
- * this tool to generate an updated blacklisted.certs. Make sure to include
- * changes to both in a changeset.
- */
-public class BlacklistedCertsConverter {
-    public static void main(String[] args) throws Exception {
-        if (args.length == 0) {
-            System.out.println("Usage: java BlacklistedCertsConverter SHA-256" +
-                    " < blacklisted.certs.pem > blacklisted.certs");
-            System.exit(1);
-        }
-        String mdAlg = args[0];
-        CertificateFactory cf = CertificateFactory.getInstance("X.509");
-        Collection<? extends Certificate> certs
-                = cf.generateCertificates(System.in);
-        System.out.println("Algorithm=" + mdAlg);
-        for (Certificate cert: certs) {
-            System.out.println(
-                    getCertificateFingerPrint(mdAlg, (X509Certificate)cert));
-        }
-    }
-
-    /**
-     * Converts a byte to hex digit and writes to the supplied buffer
-     */
-    private static void byte2hex(byte b, StringBuffer buf) {
-        char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8',
-                '9', 'A', 'B', 'C', 'D', 'E', 'F' };
-        int high = ((b & 0xf0) >> 4);
-        int low = (b & 0x0f);
-        buf.append(hexChars[high]);
-        buf.append(hexChars[low]);
-    }
-
-    /**
-     * Gets the requested finger print of the certificate.
-     */
-    private static String getCertificateFingerPrint(String mdAlg,
-                                                    X509Certificate cert) {
-        String fingerPrint = "";
-        try {
-            byte[] encCertInfo = cert.getEncoded();
-            MessageDigest md = MessageDigest.getInstance(mdAlg);
-            byte[] digest = md.digest(encCertInfo);
-            StringBuffer buf = new StringBuffer();
-            for (int i = 0; i < digest.length; i++) {
-                byte2hex(digest[i], buf);
-            }
-            fingerPrint = buf.toString();
-        } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
-            // ignored
-        }
-        return fingerPrint;
-    }
-}
--- a/src/share/lib/security/blacklisted.certs	Thu Jul 10 12:13:26 2014 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,19 +0,0 @@
-Algorithm=SHA-256
-76A45A496031E4DD2D7ED23E8F6FF97DBDEA980BAAC8B0BA94D7EDB551348645
-4CBBF8256BC9888A8007B2F386940A2E394378B0D903CBB3863C5A6394B889CE
-D24566BF315F4E597D6E381C87119FB4198F5E9E2607F5F4AB362EF7E2E7672F
-14E6D2764A4B06701C6CBC376A253775F79C782FBCB6C0EE6F99DE4BA1024ADD
-D3A936E1A7775A45217C8296A1F22AC5631DCDEC45594099E78EEEBBEDCBA967
-5E83124D68D24E8E177E306DF643D5EA99C5A94D6FC34B072F7544A1CABB7C7B
-9ED8F9B0E8E42A1656B8E1DD18F42BA42DC06FE52686173BA2FC70E756F207DC
-FDEDB5BDFCB67411513A61AEE5CB5B5D7C52AF06028EFC996CC1B05B1D6CEA2B
-A686FEE577C88AB664D0787ECDFFF035F4806F3DE418DC9E4D516324FFF02083
-4FEE0163686ECBD65DB968E7494F55D84B25486D438E9DE558D629D28CD4D176
-8A1BD21661C60015065212CC98B1ABB50DFD14C872A208E66BAE890F25C448AF
-B8686723E415534BC0DBD16326F9486F85B0B0799BF6639334E61DAAE67F36CD
-3946901F46B0071E90D78279E82FABABCA177231A704BE72C5B0E8918566EA66
-31C8FD37DB9B56E708B03D1F01848B068C6DA66F36FB5D82C008C6040FA3E133
-450F1B421BB05C8609854884559C323319619E8B06B001EA2DCBB74A23AA3BE2
-FC02FD48DB92D4DCE6F11679D38354CF750CFC7F584A520EB90BDE80E241F2BD
-DF21016B00FC54F9FE3BC8B039911BB216E9162FAD2FD14D990AB96E951B49BE
-F5B6F88F75D391A4B1EB336F9E201239FB6B1377DB8CFA7B84736216E5AFFFD7
--- a/src/share/lib/security/blacklisted.certs.pem	Thu Jul 10 12:13:26 2014 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,721 +0,0 @@
-// Subject: CN=Digisign Server ID (Enrich),
-//          OU=457608-K,
-//          O=Digicert Sdn. Bhd.,
-//          C=MY
-// Issuer:  CN=GTE CyberTrust Global Root,
-//          OU=GTE CyberTrust Solutions, Inc.,
-//          O=GTE Corporation,
-//          C=US
-// Serial:  120001705 (07:27:14:a9)
------BEGIN CERTIFICATE-----
-MIIDyzCCAzSgAwIBAgIEBycUqTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
-cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
-b2JhbCBSb290MB4XDTA3MDcxNzE1MTc0OFoXDTEyMDcxNzE1MTY1NFowYzELMAkG
-A1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNkbi4gQmhkLjERMA8GA1UECxMI
-NDU3NjA4LUsxJDAiBgNVBAMTG0RpZ2lzaWduIFNlcnZlciBJRCAoRW5yaWNoKTCB
-nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArahkS02Hx4RZufuQRqCmicDx/tXa
-VII3DZkrRSYK6Fawf8qo9I5HhAGCKeOzarWR8/uVhbxyqGToCkCcxfRxrnt7agfq
-kBRPjYmvlKuyBtQCanuYH1m5Os1U+iDfsioK6bjdaZDAKdNO0JftZszFGUkGf/pe
-LHx7hRsyQt97lSUCAwEAAaOCAXgwggF0MBIGA1UdEwEB/wQIMAYBAf8CAQAwXAYD
-VR0gBFUwUzBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcCARYtaHR0cDovL2N5YmVy
-dHJ1c3Qub21uaXJvb3QuY29tL3JlcG9zaXRvcnkuY2ZtMAcGBWCDSgEBMA4GA1Ud
-DwEB/wQEAwIB5jCBiQYDVR0jBIGBMH+heaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
-bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
-b3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0
-LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFMYWk04WF+wW
-royUdvOGbcV0boR3MA0GCSqGSIb3DQEBBQUAA4GBAHYAe6Z4K2Ydjl42xqSOBfIj
-knyTZ9P0wAp9iy3Z6tVvGvPhSilaIoRNUC9LDPL/hcJ7VdREgr5trGeOvLQfkpxR
-gBoU9m6rYYgLrRx/90tQUdZlG6ZHcRVesHHzNRTyN71jyNXwk1o0X9g96F33xR7A
-5c8fhiSpPAdmzcHSNmNZ
------END CERTIFICATE-----
-
-// Subject: CN=Digisign Server ID - (Enrich),
-//          OU=457608-K,
-//          O=Digicert Sdn. Bhd.,
-//          C=MY
-// Issuer:  CN=Entrust.net Certification Authority (2048)
-//          OU=(c) 1999 Entrust.net Limited,
-//          OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),
-//          O=Entrust.net
-// Serial:  1184644297 (4c:0e:63:6a)
------BEGIN CERTIFICATE-----
-MIIEzjCCA7agAwIBAgIETA5jajANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
-RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
-bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
-IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMDA3MTYxNzIzMzdaFw0xNTA3
-MTYxNzUzMzdaMGUxCzAJBgNVBAYTAk1ZMRswGQYDVQQKExJEaWdpY2VydCBTZG4u
-IEJoZC4xETAPBgNVBAsTCDQ1NzYwOC1LMSYwJAYDVQQDEx1EaWdpc2lnbiBTZXJ2
-ZXIgSUQgLSAoRW5yaWNoKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AMWJ5PQNBkCSWccaszXRDkwqM/n4r8qef+65p21g9FTob9Wb8xtjMQRoctE0Foy0
-FyyX3nPF2JAVoBor9cuzSIZE8B2ITM5BQhrv9Qze/kDaOSD3BlU6ap1GwdJvpbLI
-Vz4po5zg6YV3ZuiYpyR+vsBZIOVEb7ZX2L7OwmV3WMZhQdF0BMh/SULFcqlyFu6M
-3RJdtErU0a9Qt9iqdXZorT5dqjBtYairEFs+E78z4K9EnTgiW+9ML6ZxJhUmyiiM
-2fqOjqmiFDXimySItPR/hZ2DTwehthSQNsQ0HI0mYW0Tb3i+6I8nx0uElqOGaAwj
-vgvsjJQAqQSKE5D334VsDLECAwEAAaOCATQwggEwMA4GA1UdDwEB/wQEAwIBBjAS
-BgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcD
-AgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v
-b2NzcC5lbnRydXN0Lm5ldDBEBgNVHSAEPTA7MDkGBWCDSgEBMDAwLgYIKwYBBQUH
-AgEWImh0dHA6Ly93d3cuZGlnaWNlcnQuY29tLm15L2Nwcy5odG0wMgYDVR0fBCsw
-KTAnoCWgI4YhaHR0cDovL2NybC5lbnRydXN0Lm5ldC8yMDQ4Y2EuY3JsMBEGA1Ud
-DgQKBAhMTswlKAMpgTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDAN
-BgkqhkiG9w0BAQUFAAOCAQEAl0zvSjpJrHL8MCBrtClbp8WVBJD5MtXChWreA6E3
-+YkAsFqsVX7bQzX/yQH4Ub7MJsrIaqTEVD4mHucMo82XZ5TdpkLrXM2POXlrM3kh
-Bnn6gkQVmczBtznTRmJ8snDrb84gqj4Zt+l0gpy0pUtNYQA35IfS8hQ6ZHy4qXth
-4JMi59WfPkfmNnagU9gAAzoPtTP+lsrT0oI6Lt3XSOHkp2nMHOmZSufKcEXXCwcO
-mnUb0C+Sb/akB8O9HEumhLZ9qJqp0qcp8QtXaR6XVybsK0Os1EWDBQDp4/BGQAf6
-6rFRc5Mcpd1TETfIKqcVJx20qsx/qjEw/LhFn0gJ7RDixQ==
------END CERTIFICATE-----
-
-// Subject: CN=Java Media APIs,
-//          OU=Java Signed Extensions,
-//          OU=Corporate Object Signing,
-//          O=Sun Microsystems Inc
-// Issuer:  CN=Object Signing CA,
-//          OU=Class 2 OnSite Subscriber CA,
-//          OU=VeriSign Trust Network,
-//          O=Sun Microsystems Inc
-// Serial:  6a:8b:99:91:37:59:4f:89:53:e2:97:18:9f:19:1e:4e
------BEGIN CERTIFICATE-----
-MIIFdzCCBF+gAwIBAgIQaouZkTdZT4lT4pcYnxkeTjANBgkqhkiG9w0BAQUFADCB
-gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
-cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDUxMjAw
-MDAwMFoXDTEyMDUxMTIzNTk1OVowfTEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
-cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
-CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEYMBYGA1UEAxQPSmF2YSBNZWRpYSBB
-UElzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5blzoKTVE8y4Hpz
-q6E15RZz1bF5HnYEyYqgHkZXnAKedmYCoMzm1XK8s+gQWShLEvGEAvs5yqarx9gE
-nnC21N28aEZgIJMa2/arKxCUkS4pxdGPYGexL9UzSRkUpoBShCZKEGdmX7gfJE2K
-/sd9MFvGV5/yZtWXrADzvm0Kd/9mg1KRv1gfrZIq0TJbupoXPYYqb73AkI9eT2ZD
-q9MdwD4E5+oojsDFXt8GU/D00fUhtXpYwuplU7D667WHYdJhIah0ST6JywyqcLXG
-XSuFTXOgITT2idSHluZVmx3dqJ72u9kPkO4JdJTMDfaK8zgNLaRkiU8Qcj+qhLYH
-ytaqcwIDAQABo4IB6jCCAeYwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwfwYD
-VR0fBHgwdjB0oHKgcIZuaHR0cDovL29uc2l0ZWNybC52ZXJpc2lnbi5jb20vU3Vu
-TWljcm9zeXN0ZW1zSW5jQ29ycG9yYXRlT2JqZWN0U2lnbmluZ0phdmFTaWduZWRF
-eHRlbnNpb25zQ2xhc3NCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAUs0crgn5T
-tHPKuLsZt76BTQeVx+0wHQYDVR0OBBYEFKS32mVx0gNWTeS4ProHEaeSpvvIMDsG
-CCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29uc2l0ZS1vY3NwLnZl
-cmlzaWduLmNvbTCBtQYDVR0gBIGtMIGqMDkGC2CGSAGG+EUBBxcCMCowKAYIKwYB
-BQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwbQYLYIZIAYb3AIN9
-nD8wXjAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cuc3VuLmNvbS9wa2kvY3BzMDMG
-CCsGAQUFBwICMCcaJVZhbGlkYXRlZCBGb3IgU3VuIEJ1c2luZXNzIE9wZXJhdGlv
-bnMwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAAe6BO4W
-3TSNWfezyelJs6kE3HfulT6Bdyz4UUoh9ykXcV8nRwT+kh25I5MdyG2GfkJoADPR
-VhC5DYo13UFpIsTNVjq+hGYe2hML93bN7ad9SxCCyjHUo3yMz2qgBbHZI3VA9ZHA
-aWM4Tx0saMwbcnVvlbuGh+PXvStfypJqYT6lzcdFfjNVX4FI/QQNGhBswMY51tC8
-GTBCL2qhJon0gSCU4zaawDOf7+XxJWirLamYL1Aal1/h2z2sFrvA/1ftxtU3kZ6I
-7De8DyoHeZg7pYGdrj7g+lPhCga/WvEhN152I+aP08YbFcJHYmK05ngl/Ye4c6Bd
-cdrdfbw6QzEUIYY=
------END CERTIFICATE-----
-
-// Subject: CN=JavaFX 1.0 Runtime,
-//          OU=Java Signed Extensions,
-//          OU=Corporate Object Signing,
-//          O=Sun Microsystems Inc
-// Issuer:  CN=Object Signing CA,
-//          OU=Class 2 OnSite Subscriber CA,
-//          OU=VeriSign Trust Network,
-//          O=Sun Microsystems Inc
-// Serial:  55:c0:e6:44:59:59:79:9e:d9:26:f1:b0:4a:1e:f0:27
------BEGIN CERTIFICATE-----
-MIIFezCCBGOgAwIBAgIQVcDmRFlZeZ7ZJvGwSh7wJzANBgkqhkiG9w0BAQUFADCB
-gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
-cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA4MTAwOTAw
-MDAwMFoXDTExMTAwOTIzNTk1OVowgYAxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
-bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxHzAdBgNV
-BAsUFkphdmEgU2lnbmVkIEV4dGVuc2lvbnMxGzAZBgNVBAMUEkphdmFGWCAxLjAg
-UnVudGltZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+WDc6+bu+4
-tmAcS/lBtUc02WOt9QZpVsXg9cG2pu/8bUtmDELa8iiYBVFpIs8DU58HLrGQtCUY
-SIAGOVPsOJoN29UKCDWfY9j5JeVhfhMGqk9DwrWhzgsjy4cpZ1pIp+k/fJ8zT8Ul
-aYLpow1vg3UNddsmwz02tN7cOrMw9WYIG4CRYnY1OrtJSfe2pYzheC4zyvR+aiVl
-nang2OtqikSQsNFOFHsLOJFxngy9LrO8evDSu25VTKI6zlWU6/bMeqtztJPN0VOn
-NyUrJZvkxZ207Jg0T693BGSxNC1n+ihztXogql8950M/pEuUbDjylv5FFvlp6DSB
-dDT2MkutmyMCAwEAAaOCAeowggHmMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgeA
-MH8GA1UdHwR4MHYwdKByoHCGbmh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29t
-L1N1bk1pY3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdKYXZhU2ln
-bmVkRXh0ZW5zaW9uc0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaAFLNH
-K4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBTjgufVi3XJ3gx1ewsA6Rr7BR4Z
-zjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUtb2Nz
-cC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAqMCgG
-CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CGSAGG
-9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtpL2Nw
-czAzBggrBgEFBQcCAjAnGiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBPcGVy
-YXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IBAQAB
-YVJTTVe7rzyTO4jc3zajErOT/COkdQTfNo0eIX1QbNynFieJvwY/jRzUZwjktIFR
-2p4JtbpHGAtKtjOAOTieQ8xdDOoC1djzpE7/AbMvuvlTavtUKT+F7tPdhfXgWXJV
-6Wbt8jryKyk3zZGiEhauIwZUkfjRkEtffEmZWLUd8c8rURJjfC/XHH2oyurscoxc
-CjX29c9ynxSiS/VvQp1an0HvErGh69N48wj7cj8mtZ1yHzd2XCzSSR1OfTPfk0Pt
-yg51p7yJaFiH21PTZegEL6zyVNOYBTKwwIi2OzpwYalD3uvK6e3OKDrfFCOxu17u
-4PveESbrdyrmvLe7IVez
------END CERTIFICATE-----
-
-// Subject: CN=JavaFX Runtime,
-//          OU=Java Signed Extensions,
-//          OU=Corporate Object Signing,
-//          O=Sun Microsystems Inc
-// Issuer:  CN=Object Signing CA,
-//          OU=Class 2 OnSite Subscriber CA,
-//          OU=VeriSign Trust Network,
-//          O=Sun Microsystems Inc
-// Serial:  47:f4:55:f1:da:4a:5e:f9:e3:f7:a8:03:62:17:c0:ff
------BEGIN CERTIFICATE-----
-MIIFdjCCBF6gAwIBAgIQR/RV8dpKXvnj96gDYhfA/zANBgkqhkiG9w0BAQUFADCB
-gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
-cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDEyOTAw
-MDAwMFoXDTEyMDEyOTIzNTk1OVowfDEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
-cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
-CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEXMBUGA1UEAxQOSmF2YUZYIFJ1bnRp
-bWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIzd0fAk8mI9ONc6RJ
-aGieioK2FLdXEwj8zL3vdGDVmBwyR1zwYkaOIFFgF9IW/8qc4iAYA5sGUY+0g8q3
-5DuYAxfTzBB5KdaYvbuq6GGnoHIWmTirXY+1friFp8lyXSvtuEaGB1VHaBoZchEg
-k+UgeVDA43dHwcT1Ov3DePczJRUes8T/QHzLX+BxUDG43vjyncCEO/AjqLZxXEz2
-xrNbKLcH3lGMJK7hdbfssUfF5BjC38Hn71HauYlA43b2no+2y0Sjulwzez2YPbDC
-0GLR3TnKtA8dqOrnl5t3DniDbfOBNtBE3VOydJO0XW57Ng1HRXD023nm9ECPY2xp
-0N/pAgMBAAGjggHqMIIB5jAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDB/BgNV
-HR8EeDB2MHSgcqBwhm5odHRwOi8vb25zaXRlY3JsLnZlcmlzaWduLmNvbS9TdW5N
-aWNyb3N5c3RlbXNJbmNDb3Jwb3JhdGVPYmplY3RTaWduaW5nSmF2YVNpZ25lZEV4
-dGVuc2lvbnNDbGFzc0IvTGF0ZXN0Q1JMLmNybDAfBgNVHSMEGDAWgBSzRyuCflO0
-c8q4uxm3voFNB5XH7TAdBgNVHQ4EFgQUvOdd0cKPj+Yik/iOBwTdphh5A+gwOwYI
-KwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb25zaXRlLW9jc3AudmVy
-aXNpZ24uY29tMIG1BgNVHSAEga0wgaowOQYLYIZIAYb4RQEHFwIwKjAoBggrBgEF
-BQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTBtBgtghkgBhvcAg32c
-PzBeMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5zdW4uY29tL3BraS9jcHMwMwYI
-KwYBBQUHAgIwJxolVmFsaWRhdGVkIEZvciBTdW4gQnVzaW5lc3MgT3BlcmF0aW9u
-czATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQUFAAOCAQEAbGcf2NjL
-AI93HG6ny2BbepaZA1a8xa/R6uUc7xV+Qw6MgLwFD4Q4i6LWUztQDvg9l68MM2/i
-Y9LEi1KM4lcNbK5+D+t9x98wXBiuojXhVdp5ZmC03EyEBbriopdBsmXVLDSu/Y3+
-zowOO5xwpMK3dbgsSDs2Vt0UosD3FTcRaD3GNfOhXMp+o1grHNiXF9YgkmdQbPPZ
-DQ2KBhFPCRJXBGvyKOqno/DTg0sQ3crGH/C4/4t7mnQXWldZotmJUZ0ONc9oD+Q1
-JAaguUKqIwn9yZ093ie+JWHbYNid9IIIPXYgtRxmf9a376WBhqhu56uJftBJ7x9g
-eQ7Lot6CSWCiFw==
------END CERTIFICATE-----
-
-// Subject: CN=Solaris INTERNAL DEVELOPMENT USE ONLY,
-//          OU=Solaris Cryptographic Framework,
-//          OU=Corporate Object Signing,
-//          O=Sun Microsystems Inc
-// Issuer:  CN=Object Signing CA,
-//          OU=Class 2 OnSite Subscriber CA,
-//          OU=VeriSign Trust Network,
-//          O=Sun Microsystems Inc
-// Serial:  77:29:77:52:6a:19:7b:9a:a6:a2:c7:99:a0:e1:cd:8c
------BEGIN CERTIFICATE-----
-MIIFHjCCBAagAwIBAgIQdyl3UmoZe5qmoseZoOHNjDANBgkqhkiG9w0BAQUFADCB
-gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
-cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA3MDEwNDAw
-MDAwMFoXDTEwMDEwMzIzNTk1OVowgZwxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
-bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxKDAmBgNV
-BAsUH1NvbGFyaXMgQ3J5cHRvZ3JhcGhpYyBGcmFtZXdvcmsxLjAsBgNVBAMUJVNv
-bGFyaXMgSU5URVJOQUwgREVWRUxPUE1FTlQgVVNFIE9OTFkwgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBALbNU4hf3mD5ArDI9pjgioAyvV3bjMPRQdCZniIeGJBp
-odFlSEH+Mh64W1DsY8coeZ7FvvGJkx9IpTMJW9k8w1oJK9UNqHyAQfaYjQyXi3xQ
-LJp62EvYdGfDlwOZejEcR/MbzZG+GOPMMvQj5+xyFDvLXNGfQNTnxw2qnBgCJXjj
-AgMBAAGjggH1MIIB8TAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDCBiQYDVR0f
-BIGBMH8wfaB7oHmGd2h0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1N1bk1p
-Y3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdTb2xhcmlzQ3J5cHRv
-Z3JhcGhpY0ZyYW1ld29ya0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaA
-FLNHK4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBRpfiGYkehTnsIzuN2H6AFb
-VCZG8jA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUt
-b2NzcC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAq
-MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CG
-SAGG9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtp
-L2NwczAzBggrBgEFBQcCAjAnFiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBP
-cGVyYXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IB
-AQCG5soy3LFHTFbA8/5SzDRhQoJkHUnOP0t3b6nvX6vZYRp649fje7TQOPRm1pFd
-CZ17J+tggdZwgzTqY4aYpJ00jZaK6pV37q/vgFC/ia6jDs8Q+ly9cEcadBZ5loYg
-cmxp9p57W2MNWx8VA8oFdNtKfF0jUNXbLNtvwGHmgR6YcwLrGN1b6/9Lt9bO3ODl
-FO+ZDwkfQz5ClUVrTx2dGBvKRYFqSG5S8JAfsgYhPvcacUQkA7ExyKvfRXLWVrce
-ZiPpcElbx+819H2sAPvVvparVeAruZGMAtejHZp9NFoowKen5drJp9VxePS4eM49
-3DepB6lKRrNRw66LNQol4ZBz
------END CERTIFICATE-----
-
-// Subject: EMAILADDRESS=info@diginotar.nl, CN=DigiNotar Cyber CA,
-//          O=DigiNotar, C=NL
-// Issuer:  CN=GTE CyberTrust Global Root,
-//          OU=GTE CyberTrust Solutions, Inc.,
-//          O=GTE Corporation,
-//          C=US
-// Serial:  120000525 (07:27:10:0D)
------BEGIN CERTIFICATE-----
-MIIFWjCCBMOgAwIBAgIEBycQDTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
-cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
-b2JhbCBSb290MB4XDTA2MTAwNDEwNTQxMVoXDTExMTAwNDEwNTMxMVowYDELMAkG
-A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
-IEN5YmVyIENBMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIw
-DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P8
-9DS5+SxD52ATPXrjss87Z2yQrcC5P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXy
-XUte0dmHutZ9fPXOMp8QM8WxSrtekTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCI
-A6U/i5kTYUO1m4Kz7iBvz6FEouova0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpc
-SQhdvd5wQbEPyWNr0380dAIvNFp4dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtB
-pcmM5r3qSLYFFgizNxJa92E89zhvLpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2V
-VgIKgmCyc0XgMyZRdJq51FAc9k1bW1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJ
-NEH3gW8/nsl8dVWw58Gzd+jDxAA1lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6
-uc8kpmp/3mQiRFhogmoQ+T3lPhu5vfwi9GAEibtVbShV+t6OjRshFNc3izR7Tfay
-shDPM7F9HGKZSMsrbHaWVb8ZDR0fu2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0
-fc1zvrPtTsHR7VJej/e4142HrbLZG1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kU
-xbHuWUOV36toKDA/AgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMG
-A1UdIARMMEowSAYJKwYBBAGxPgEAMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cu
-cHVibGljLXRydXN0LmNvbS9DUFMvT21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMC
-AQYwgaAGA1UdIwSBmDCBlYAUpgwdn2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJ
-BgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdU
-RSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVy
-VHJ1c3QgR2xvYmFsIFJvb3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93
-d3cucHVibGljLXRydXN0LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYD
-VR0OBBYEFKv5aN/PSjfXe0WMX3LeQETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9o
-a6VbB7pEZg4cqFwwezPkCiYE/O+eGjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4
-BJ98UAHV42mv7xXSRZskCSpmBU8lgcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE
-9r1TgSOWPbT6MopTZkQloiXGpjwljPDgKAYityZB
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
-// Issuer:  CN=GTE CyberTrust Global Root,
-//          OU=GTE CyberTrust Solutions, Inc.,
-//          O=GTE Corporation,
-//          C=US
-// Serial:  120000505 (07:27:0F:F9)
------BEGIN CERTIFICATE-----
-MIIFODCCBKGgAwIBAgIEBycP+TANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
-cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
-b2JhbCBSb290MB4XDTA2MDkyMDA5NDUzMloXDTEzMDkyMDA5NDQwNlowPjELMAkG
-A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
-IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
-XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
-tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
-24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
-naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
-9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
-LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
-Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
-vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
-3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
-eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
-iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
-/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
-ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
-MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
-jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
-bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
-VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
-oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
-MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
-hvcNAQEFBQADgYEACcpiD427SuDUejUrBi3RKGG2rAH7g0m8rtQvLYauGYOl1h0T
-4he+/jJ06XoUOMqUXvcpAWlxG5Ea/aO7qh3Ke+IW/aGjDvMMX7LhIDGUK16Sdu36
-6bUjpr8KOwOpb1JgVM1f6bcvfKIn/UGDdbYN+3gm87FF6TKVKho1IZXFonU=
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
-// Issuer:  CN=GTE CyberTrust Global Root,
-//          OU=GTE CyberTrust Solutions, Inc.,
-//          O=GTE Corporation,
-//          C=US
-// Serial:  120000515 (07:27:10:03)
------BEGIN CERTIFICATE-----
-MIIFODCCBKGgAwIBAgIEBycQAzANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
-cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
-b2JhbCBSb290MB4XDTA2MDkyNzEwNTMzMloXDTExMDkyNzEwNTIzMFowPjELMAkG
-A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
-IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
-XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
-tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
-24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
-naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
-9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
-LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
-Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
-vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
-3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
-eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
-iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
-/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
-ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
-MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
-jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
-bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
-VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
-oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
-MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
-hvcNAQEFBQADgYEAWcyGZhizJlRP1jjNupZey+yZG6oMDW4Z11boriMHbYPCndBE
-bVh07zmPbZsihOw9w/vm5KbVX5CgxUv4Rhzh/20Faixf3P3bpWg0qgzHVVusNVR/
-P50aKkpdK3hp+QLl56e+lWOddSAINIpmcuyDI1hyuzB+GJEASm9tNU/6rs8=
------END CERTIFICATE-----
-
-// Subject: EMAILADDRESS=info@diginotar.nl,
-//          CN=DigiNotar Root CA,
-//          O=DigiNotar, C=NL
-// Issuer:  CN=Entrust.net Secure Server Certification Authority
-//          OU=(c) 1999 Entrust.net Limited,
-//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
-//          O=Entrust.net,
-//          C=US,
-// Serial:  1184644297 (46:9C:3C:C9)
------BEGIN CERTIFICATE-----
-MIIFSDCCBLGgAwIBAgIERpw8yTANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
-ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
-KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
-ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA0
-MjYwNTAwMDBaFw0xMzA4MTQyMDEyMzZaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
-EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
-hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
-OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
-hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
-gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
-IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
-BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
-Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
-5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
-DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
-9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
-7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
-ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
-BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
-BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
-VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
-bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
-A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
-BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAI979rBep8tu3TeLunapgsZ0jtXp
-GDFjKWSk87dj1jCyYi+q/GyDyZ6ZQZNRP0sF+6twscq05lClWNy3TROMp7QeuoLO
-G7Utw3OJaswUtp4YglANMRTHEe3g9ltifUXRH5tSuy7u6yi4LD4WTm5ULP6r/g6l
-0CnjXYb0+b1Fmz6U
------END CERTIFICATE-----
-
-// Subject: EMAILADDRESS=info@diginotar.nl,
-//          CN=DigiNotar Root CA,
-//          O=DigiNotar, C=NL
-// Issuer:  CN=Entrust.net Secure Server Certification Authority
-//          OU=(c) 1999 Entrust.net Limited,
-//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
-//          O=Entrust.net,
-//          C=US,
-// Serial:  1184640175 (46:9C:2C:AF)
------BEGIN CERTIFICATE-----
-MIIFSDCCBLGgAwIBAgIERpwsrzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
-ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
-KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
-ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
-MjYxNTU3MzlaFw0xMzA4MjYxNjI3MzlaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
-EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
-hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
-OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
-hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
-gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
-IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
-BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
-Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
-5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
-DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
-9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
-7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
-ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
-BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
-BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
-VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
-bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
-A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
-BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAEa6RcDNcEIGUlkDJUY/pWTds4zh
-xbVkp3wSmpwPFhx5fxTyF4HD2L60jl3aqjTB7gPpsL2Pk5QZlNsi3t4UkCV70UOd
-ueJRN3o/LOtk4+bjXY2lC0qTHbN80VMLqPjmaf9ghSA9hwhskdtMgRsgfd90q5QP
-ZFdYf+hthc3m6IcJ
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,
-//          O=DigiNotar B.V.,
-//          C=NL
-// Issuer:  CN=Staat der Nederlanden Organisatie CA - G2,
-//          O=Staat der Nederlanden,
-//          C=NL
-// Serial:  20001983 (01:31:34:bf)
------BEGIN CERTIFICATE-----
-MIIGnDCCBISgAwIBAgIEATE0vzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJO
-TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTIwMAYDVQQDDClTdGFh
-dCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xMDA1MTIw
-ODUxMzhaFw0yMDAzMjMwOTUwMDRaMFoxCzAJBgNVBAYTAk5MMRcwFQYDVQQKDA5E
-aWdpTm90YXIgQi5WLjEyMDAGA1UEAwwpRGlnaU5vdGFyIFBLSW92ZXJoZWlkIENB
-IE9yZ2FuaXNhdGllIC0gRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
-AQCxExkPJ+Zs1FWGS9DsiYpFkXisR71HK+T8RetPtCZzWzfTw3/2497Xo/gtaMUI
-PkuU1uSHJTZrhLUYdPMoWHMvm2rPvAQe9t7dr/xLqvXbZmIlASWC3vKXWhBu3V2p
-IrEEqSNzOvhxrR3PhETrR9Gvbch8KKvH8jd6dF9fxQIUiqNa4xtsAeNdjtlo1vQJ
-GzLckbUs9SDrjANtJkm4k8SFXdjSm69WaswFM8ygQp40VUSca6DUEtArVM23iQ3l
-9uvo+4UBM096a/GdcjOWDveyhKWlJ8Qn8VFzKXe6Z27+TNy04qGhgS85SY1DOBPO
-0KVcwoc6AGdlQiPxNlkKHaNRyLyjlCox3+M88p0aPASw77EKMBNzttfzo0wBdRSF
-eMDXijlYhVD6LubFvs+LP6+PNtQlCS3SD6xyk/K/i9RQs/kVUJuZ9RTZ+4uRozIm
-JqD43ztggYaDeVsr6xM9KTrBbd29no6H1kquNJcF7hSm9tw4fkrpJFQHPZdoN0Zr
-DceoIa8TVOQJavFNRgrJXfubT73e+7dUy7g4nKc5+2otwHuNq6WnV+xKkoozxeEg
-XHPYkJIrgNUPhhhpfDlPhIa890xb89W0yqDC8DciynlSH1PmqvOQsDvd8ij9rOvF
-BiSgydQvD1j9tZ7sD8+yWdCiBHo4aq5y+73wJWKUCacFCwIDAQABo4IBYTCCAV0w
-SAYDVR0gBEEwPzA9BgRVHSAAMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZGln
-aW5vdGFyLm5sL2Nwcy9wa2lvdmVyaGVpZDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjCBhQYDVR0jBH4wfIAUORCLSZJc22ESIM1JnRqO2pxnQLmhXqRc
-MFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4x
-KzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzKCBACY
-lvQwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9E
-b21PcmdhbmlzYXRpZUxhdGVzdENSTC1HMi5jcmwwHQYDVR0OBBYEFLxdlDvZq3sD
-JXNhwtst7vyrj2WhMA0GCSqGSIb3DQEBCwUAA4ICAQCP/C1Mt9kt1R+978v0t2gX
-dZ1O1ffdnPEqJu2forYcA9VTs+wIzzTi48P0tRYvyMO+19NzqwA2+RpKftZj6V5G
-uqW2jhW3oyrYQx3vXcgfgYWzi/f/PPTZ9EYIP5y8HaDZqEzNJVJOCrEg9x/pQ9lU
-RoETmsBedGwqmDLq/He7DaWiMZgifnx859qkrey3LhoZcfhIUNpDjyyE3cFAJ+O1
-8BVOltT4XOOGKUYr1zsH6zh/yIZXl9PvKjPEF1DVZGlrK2tFXl0vF8paTs/D1zk8
-9TufRrmb5w5Jl53W1eMbD+qPAU6aE5RZCgIHSEsaYKt/T+0L2FUNaG9VnGllFULs
-wNzdbKzDFs4LHVabpMTE0i7gD+JEJytQaaTcYuiKISlCbMwAOpZ2m+9AwKRed4Qy
-bCYqOWauXeO5ubIsaB8empADOfCqs6TMSYsYNOk3yXspx4R8b0QVL+xhWQTJRcui
-1lKifH8pktZKxYtCqNT+6tjHhyMY5J16fXNAUpigrm7jBT8FD+Clxm1N7YM3iJzH
-89xCmmq21yFJNnfy7xhPxXDZnunetyuL9Lx+KN8NQMmFXK6dxTH/0FwOtah+8Okv
-uq+IruW10Vilr5xxpykBkINpN4IFuvwJwQhujHg7wzMCgD9EhQgd31VWCK0shS1d
-sQPhrqp0xaTzTro3mHuCuQ==
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,
-//          O=DigiNotar B.V.,
-//          C=NL
-// Issuer:  CN=Staat der Nederlanden Overheid CA
-//          O=Staat der Nederlanden,
-//          C=NL
-// Serial:  20015536 (01:31:69:b0)
------BEGIN CERTIFICATE-----
-MIIEiDCCA3CgAwIBAgIEATFpsDANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
-TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
-dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDcwNzA1MDg0MjA3WhcN
-MTUwNzI3MDgzOTQ2WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
-IEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
-ZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc
-vdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6HVcg+uwQ5
-AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalkLU3DL7nn
-UNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rmMgeUVAVT
-Q+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ/aB2jKx+
-ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC36esgl3H
-aLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0GBFUdIAAw
-NTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3BzL3BraW92
-ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGABgNVHSME
-eTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMCTkwxHjAc
-BgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3RhYXQgZGVy
-IE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCgLoYsaHR0
-cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmwwHQYDVR0O
-BBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IBAQAMlIca
-v03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+mriXiRWsi
-D7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X5HNhIxMm
-cUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZhzizDXMU
-5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro5Ij76eUv
-BjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkegllYOQJBR
-RKwa/fHuhR/3Qlpl
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar PKIoverheid CA Overheid
-//          O=DigiNotar B.V.,
-//          C=NL
-// Issuer:  CN=Staat der Nederlanden Overheid CA
-//          O=Staat der Nederlanden,
-//          C=NL
-// Serial:  20006006 (01:31:44:76)
------BEGIN CERTIFICATE-----
-MIIEezCCA2OgAwIBAgIEATFEdjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
-TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
-dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDQwNjI0MDgxOTMyWhcN
-MTAwNjIzMDgxNzM2WjBSMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
-IEIuVi4xKjAoBgNVBAMTIURpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
-ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSlrubta5tlOjVCi/gb
-yLCvRqfBjxG8H594VcKHu0WAYc99SPZF9cycj5mw2GyfQvy/WIrGrL4iyNq1gSqR
-0QA/mTXKZIaPqzpDhdm+VvrKkmjrbZfaQxgMSs3ChtBsjcP9Lc0X1zXZ4Q8nBe3k
-BTp+zehINfmbjoEgXLxsMR5RQ6GxzKjuC04PQpbJQgTIakglKaqYcDDZbEscWgPV
-Hgj/2aoHlj6leW/ThHZ+O41jUguEmBLZA3mu3HrCfrHntb5dPt0ihzSx7GtD/SaX
-5HBLxnP189YuqMk5iRA95CtiSdKauvon/xRKRLNgG6XAz0ctSoY7xLDdiBVU5kJd
-FScCAwEAAaOCAVAwggFMMEgGA1UdIARBMD8wPQYEVR0gADA1MDMGCCsGAQUFBwIB
-FidodHRwOi8vd3d3LmRpZ2lub3Rhci5ubC9jcHMvcGtpb3ZlcmhlaWQwDwYDVR0T
-AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgYAGA1UdIwR5MHeAFAuG1g93o2ix
-+2QJw4huXAQcV+k9oVmkVzBVMQswCQYDVQQGEwJOTDEeMBwGA1UEChMVU3RhYXQg
-ZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g
-Um9vdCBDQYIEAJiaeTA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnBraW92
-ZXJoZWlkLm5sL0RvbU92TGF0ZXN0Q1JMLmNybDAdBgNVHQ4EFgQUvRaYQh2+kdE9
-wpcl4CjXWOC1f+IwDQYJKoZIhvcNAQEFBQADggEBAGhQsCWLiaN2EOhPAW+JQP6o
-XBOrLv5w6joahzBFVn1BiefzmlMKjibqKYxURRvMAsMkh82/MfL8V0w6ugxl81lu
-i42dcxl9cKSVXKMw4bbBzJ2VQI5HTIABwefeNuy/eX6idVwYdt3ajAH7fUA8Q9Cq
-vr6H8B+8mwoEqTVTEVlCSsC/EXsokYEUr06PPzRudKjDmijgj7zFaIioZNc8hk7g
-ufEgrs/tmcNGylrwRHgCXjCRBt2NHlZ08l7A1AGU8HcHlSbG9Un/2q9kVHUkps0D
-gtUaEK+x6jpAu/R8Ojezu/+ZEcwwjI/KOhG+84+ejFmtyEkrUdsAdEdLf/2dKsw=
------END CERTIFICATE-----
-
-// Subject: EMAILADDRESS=info@diginotar.nl,
-//          CN=DigiNotar Services 1024 CA
-//          O=DigiNotar, C=NL
-// Issuer:  CN=Entrust.net Secure Server Certification Authority,
-//          OU=(c) 1999 Entrust.net Limited,
-//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
-//          O=Entrust.net,
-//          C=US
-// Serial:  1184640176 (46:9c:2c:b0)
------BEGIN CERTIFICATE-----
-MIIDzTCCAzagAwIBAgIERpwssDANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
-ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
-KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
-ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
-MjYxNTU5MDBaFw0xMzA4MjYxNjI5MDBaMGgxCzAJBgNVBAYTAk5MMRIwEAYDVQQK
-EwlEaWdpTm90YXIxIzAhBgNVBAMTGkRpZ2lOb3RhciBTZXJ2aWNlcyAxMDI0IENB
-MSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCBnzANBgkqhkiG9w0B
-AQEFAAOBjQAwgYkCgYEA2ptNXTz50eKLxsYIIMXZHkjsZlhneWIrQWP0iY1o2q+4
-lDaLGSSkoJPSmQ+yrS01Tc0vauH5mxkrvAQafi09UmTN8T5nD4ku6PJPrqYIoYX+
-oakJ5sarPkP8r3oDkdqmOaZh7phPGKjTs69mgumfvN1y+QYEvRLZGCTnq5NTi1kC
-AwEAAaOCASYwggEiMBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYB
-BQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwMwYI
-KwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l
-dDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L3NlcnZl
-cjEuY3JsMB0GA1UdDgQWBBT+3JRJDG/vXH/G8RKZTxZJrfuCZTALBgNVHQ8EBAMC
-AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowGQYJKoZIhvZ9B0EA
-BAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQADgYEAY3RqN6k/lpxmyFisCcnv
-9WWUf6MCxDgxvV0jh+zUVrLJsm7kBQb87PX6iHBZ1O7m3bV6oKNgLwIMq94SXa/w
-NUuqikeRGvWFLELHHe+VQ7NeuJWTpdrFKKqtci0xrZlrbP+MISevrZqRK8fdWMNu
-B8WfedLHjFW/TMcnXlEWKz4=
------END CERTIFICATE-----
-
-// Subject: CN=Buster Paper Comercial Ltda,
-//          O=Buster Paper Comercial Ltda,
-//          L=S?o Jos? Dos Campos,
-//          ST=S?o Paulo,
-//          C=BR
-// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
-//          OU=www.digicert.com,
-//          O=DigiCert Inc,
-//          C=US
-// Serial:  07:b4:4c:db:ff:fb:78:de:05:f4:26:16:72:a6:73:12
------BEGIN CERTIFICATE-----
-MIIGwzCCBaugAwIBAgIQB7RM2//7eN4F9CYWcqZzEjANBgkqhkiG9w0BAQUFADBv
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
-ZGUgU2lnbmluZyBDQS0xMB4XDTEzMDExNzAwMDAwMFoXDTE0MDEyMjEyMDAwMFow
-gY4xCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMR4wHAYDVQQHDBVT
-w6NvIEpvc8OpIERvcyBDYW1wb3MxJDAiBgNVBAoTG0J1c3RlciBQYXBlciBDb21l
-cmNpYWwgTHRkYTEkMCIGA1UEAxMbQnVzdGVyIFBhcGVyIENvbWVyY2lhbCBMdGRh
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0l6jWIpEfO2oUpVHpL
-HETj5lzivNb0S9jKHgGJax917czh81PnGTxwxFXd6gLJuy/XFHvmiSi8g8jzlymn
-2Ji5zQ3CPaz7nomJokSUDlMVJ2qYWtctw4jrdjuI4qtn+koXXUFkWjkf8h8251I4
-tUs7S49HE2Go5owCYP3byajj7fsFAYR/Xb7TdVtndkZsUB/YgOjHovyACjouaNCi
-mDiRyQ6zLLjZGiyeD65Yiseuhp5b8/BL5h1p7w76QYMYMVQNAdtDKut2R8MBpuWf
-Ny7Eoi0x/gm1p9X5Rcl5aN7K0G4UtTAJKbkuUfXddsyFoM0Nx8uo8SgNQ8Y/X5Jx
-BwIDAQABo4IDOTCCAzUwHwYDVR0jBBgwFoAUe2jOKarAF75JeuHlP9an90WPNTIw
-HQYDVR0OBBYEFFLZ3n5nt/Eer7n1bvtOqMb1qKO5MA4GA1UdDwEB/wQEAwIHgDAT
-BgNVHSUEDDAKBggrBgEFBQcDAzBzBgNVHR8EbDBqMDOgMaAvhi1odHRwOi8vY3Js
-My5kaWdpY2VydC5jb20vYXNzdXJlZC1jcy0yMDExYS5jcmwwM6AxoC+GLWh0dHA6
-Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9hc3N1cmVkLWNzLTIwMTFhLmNybDCCAcQGA1Ud
-IASCAbswggG3MIIBswYJYIZIAYb9bAMBMIIBpDA6BggrBgEFBQcCARYuaHR0cDov
-L3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsG
-AQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABD
-AGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABh
-AGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQBy
-AHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBn
-ACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABs
-AGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABp
-AG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBl
-AGYAZQByAGUAbgBjAGUALjCBggYIKwYBBQUHAQEEdjB0MCQGCCsGAQUFBzABhhho
-dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTAYIKwYBBQUHMAKGQGh0dHA6Ly9jYWNl
-cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRENvZGVTaWduaW5nQ0Et
-MS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPTTQvpOIikXI
-hTLnNbajaFRR5GhQpTzUNgBfF9VYSlNw/wMjpGsrh5RxaJCip52jbehmTgjMRhft
-jRYyml44PAVsCcR9uEoDpCZYpI1fHI1R+F8jd1C9rqprbSwwOG4xlg4SmvTHYs6e
-gBItQ/1p9XY+Sf4Wv1qOuOFL1qvV/5VyR2zdlOQCmKCeMgxt6a/tHLBDiAA67D44
-/vfdoNJl0CU2It0PO60jdCPFNWIRcxL+OSDqAoePeUC7xQ+JsTEIxuUE8+d6w6fc
-BV2mYb1flh22t46GLjh4gyo7xw3aL6L0L0jzlTT6IcEw6NIbaPbIKj/npQnHobYj
-XMuKLxbh7g==
------END CERTIFICATE-----
-
-// Subject: CN=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
-//          O=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
-//          L=S?o Paulo,
-//          ST=S?o Paulo,
-//          C=BR
-// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
-//          OU=www.digicert.com,
-//          O=DigiCert Inc,
-//          C=US
-// Serial:  0a:38:9b:95:ee:73:6d:d1:3b:c0:ed:74:3f:d7:4d:2f
------BEGIN CERTIFICATE-----
-MIIG4DCCBcigAwIBAgIQCjible5zbdE7wO10P9dNLzANBgkqhkiG9w0BAQUFADBv
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
-ZGUgU2lnbmluZyBDQS0xMB4XDTEyMTEwOTAwMDAwMFoXDTEzMTExNDEyMDAwMFow
-gasxCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMRMwEQYDVQQHDApT
-w6NvIFBhdWxvMTgwNgYDVQQKEy9CVVNURVIgQVNTSVNURU5DSUEgVEVDTklDQSBF
-TEVUUk9OSUNBIExUREEgLSBNRTE4MDYGA1UEAxMvQlVTVEVSIEFTU0lTVEVOQ0lB
-IFRFQ05JQ0EgRUxFVFJPTklDQSBMVERBIC0gTUUwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQDAqNeEs5/B2CTXGjTOkUIdu6jV6qulOZwdw4sefHWYj1UR
-4z6zPk9kjpUgbnb402RFq88QtfInwddZ/wXn9OxMtDd/3TnC7HrhNS7ga79ZFL2V
-JnmzKHum2Yvh0q82QEJ9tHBR2X9VdKpUIH08Zs3k6cWWM1H0YX0cxA/HohhesQJW
-kwJ3urOIJiH/HeByDk8a1NS8safcCxk5vxvW4WvCg43iT09LeHY5Aa8abKw8lqVb
-0tD5ZSIjdmdj3TT1U37iAHLLRM2DXbxfdbhouUX1c5U1ZHAMA67HwjKiseOiDaHj
-NUGbC37C+cgbc9VVM/cURD8WvS0Kj6fQv7F2QtJDAgMBAAGjggM5MIIDNTAfBgNV
-HSMEGDAWgBR7aM4pqsAXvkl64eU/1qf3RY81MjAdBgNVHQ4EFgQU88EXKAyDsh30
-o9+Gu9a4xUy+FSMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMD
-MHMGA1UdHwRsMGowM6AxoC+GLWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9hc3N1
-cmVkLWNzLTIwMTFhLmNybDAzoDGgL4YtaHR0cDovL2NybDQuZGlnaWNlcnQuY29t
-L2Fzc3VyZWQtY3MtMjAxMWEuY3JsMIIBxAYDVR0gBIIBuzCCAbcwggGzBglghkgB
-hv1sAwEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9z
-c2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4A
-eQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQA
-ZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUA
-IABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAA
-YQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcA
-cgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIA
-aQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQA
-ZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMIGC
-BggrBgEFBQcBAQR2MHQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
-LmNvbTBMBggrBgEFBQcwAoZAaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp
-Z2lDZXJ0QXNzdXJlZElEQ29kZVNpZ25pbmdDQS0xLmNydDAMBgNVHRMBAf8EAjAA
-MA0GCSqGSIb3DQEBBQUAA4IBAQAei1QmiXepje8OIfo/WonD4MIXgpPr2dfRaquQ
-A8q63OpTRSveyqdQDCSPpDRF/nvO1Y30yksZvIH1tNBsW5LBdxAKN3lFdBlqBwtE
-Q3jHc0KVVYRJ0FBaGE/PJHmRajscdAhYIcMPhTga0u0tDK+wOHEq3993dfl6yHjA
-XHU2iW5pnk75ZoE39zALD5eKXT8ZXrET5c3XUFJKWA+XuGmdmyzqo0Au49PanBv9
-UlZnabYfqoMArqMS0tGSX4cGgi9/2E+pHG9BX4sFW+ZDumroOA2pxyMWEKjxePEL
-zCOfhbsRWdMLYepauaNZOIMZXmFwcrIl0TGMkTAtATz+XmZc
------END CERTIFICATE-----
-
-// Subject: CN=CLEARESULT CONSULTING INC., OU=Corporate IT,
-//          O=CLEARESULT CONSULTING INC., L=Austin, ST=TX, C=US
-// Issuer:  SERIALNUMBER=07969287,
-//          CN=Go Daddy Secure Certification Authority,
-//          OU=http://certificates.godaddy.com/repository,
-//          O="GoDaddy.com, Inc.",
-//          L=Scottsdale,
-//          ST=Arizona,
-//          C=US
-// Serial:  2b:73:43:2a:a8:4f:44
------BEGIN CERTIFICATE-----
-MIIFYjCCBEqgAwIBAgIHK3NDKqhPRDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
-BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
-BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
-aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
-IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
-ODcwHhcNMTIwMjE1MjEwOTA2WhcNMTQwMjE1MjEwOTA2WjCBjDELMAkGA1UEBgwC
-VVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xIzAhBgNVBAoMGkNMRUFS
-RVNVTFQgQ09OU1VMVElORyBJTkMuMRUwEwYDVQQLDAxDb3Jwb3JhdGUgSVQxIzAh
-BgNVBAMMGkNMRUFSRVNVTFQgQ09OU1VMVElORyBJTkMuMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAtIOjCKeAicull+7ZIzt0/4ya3IeXUFlfypqKMLkU
-IbKjn0P5uMj6VE3rlbZr44RCegxvdnR6umBh1c0ZXoN3o+yc0JKcKcLiApmJJ277
-p7IbLwYDhBXRQNoIJm187IOMRPIxsKN4hL91txn9jGBmW+9zKlJlNhR5R7vjwU2E
-jrH/6oqsc9EM2yYpfjlNv6+3jSwAYZCkSWr+27PQOV+YHKmIxtJjX0upFz5FdIrV
-9CCX+L2Kji1THOkSgG4QTbYxmEcHqGViWz8hXLeNXjcbEsPuIiAu3hknxRHfUTE/
-U0Lh0Ug1e3LrJu+WnxM2SmUY4krsZ22c0yWUW9hzWITIjQIDAQABo4IBhzCCAYMw
-DwYDVR0TAQH/BAUwAwEBADATBgNVHSUEDDAKBggrBgEFBQcDAzAOBgNVHQ8BAf8E
-BAMCB4AwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5LmNvbS9n
-ZHM1LTE2LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcCMDkwNwYIKwYBBQUH
-AgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8w
-gYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRk
-eS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku
-Y29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSMEGDAWgBT9
-rGEyk2xF1uLuhV+auud2mWjM5zAdBgNVHQ4EFgQUDtdeKqeN2QkcbEp1HovFieNB
-XiowDQYJKoZIhvcNAQEFBQADggEBAD74Agw5tvi2aBl4/f/s7/VE/BClzDsKMb9K
-v9qpeC45ZA/jelxV11HKbQnVF194gDb7D2H9OsAsRUy8HVKbXEcc/8dKvwOqb+BC
-2i/EmfjLgmCfezNFtLq8xcPxF3zIRc44vPrK0z4YZsaHdH+yTEJ51p5EMdTqaLaP
-4n5m8LX3RfqlQB9dYFe6dUoYZjKm9d/pIRww3VqfOzjl42Edi1w6dWmBVMx1NZuR
-DBabJH1vJ9Gd+KwxMCmBZ6pQPl28JDimhJhI2LNqU349uADQVV0HJosddN/ARyyI
-LSIQO7BnNVKVG9Iujf33bvPNeg0qNz5qw+rKKq97Pqeum+L5oKU=
------END CERTIFICATE-----
--- a/src/share/lib/security/java.security-aix	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/lib/security/java.security-aix	Thu Jul 10 12:40:48 2014 -0700
@@ -206,7 +206,6 @@
                com.sun.org.glassfish.,\
                com.oracle.xmlns.internal.,\
                com.oracle.webservices.internal.,\
-               oracle.jrockit.jfr.,\
                org.jcp.xml.dsig.internal.,\
                jdk.internal.,\
                jdk.nashorn.internal.,\
@@ -253,7 +252,6 @@
                    com.sun.org.glassfish.,\
                    com.oracle.xmlns.internal.,\
                    com.oracle.webservices.internal.,\
-                   oracle.jrockit.jfr.,\
                    org.jcp.xml.dsig.internal.,\
                    jdk.internal.,\
                    jdk.nashorn.internal.,\
--- a/src/share/lib/security/java.security-linux	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/lib/security/java.security-linux	Thu Jul 10 12:40:48 2014 -0700
@@ -206,7 +206,6 @@
                com.sun.org.glassfish.,\
                com.oracle.xmlns.internal.,\
                com.oracle.webservices.internal.,\
-               oracle.jrockit.jfr.,\
                org.jcp.xml.dsig.internal.,\
                jdk.internal.,\
                jdk.nashorn.internal.,\
@@ -253,7 +252,6 @@
                    com.sun.org.glassfish.,\
                    com.oracle.xmlns.internal.,\
                    com.oracle.webservices.internal.,\
-                   oracle.jrockit.jfr.,\
                    org.jcp.xml.dsig.internal.,\
                    jdk.internal.,\
                    jdk.nashorn.internal.,\
--- a/src/share/lib/security/java.security-macosx	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/lib/security/java.security-macosx	Thu Jul 10 12:40:48 2014 -0700
@@ -207,7 +207,6 @@
                com.sun.org.glassfish.,\
                com.oracle.xmlns.internal.,\
                com.oracle.webservices.internal.,\
-               oracle.jrockit.jfr.,\
                org.jcp.xml.dsig.internal.,\
                jdk.internal.,\
                jdk.nashorn.internal.,\
@@ -254,7 +253,6 @@
                    com.sun.org.glassfish.,\
                    com.oracle.xmlns.internal.,\
                    com.oracle.webservices.internal.,\
-                   oracle.jrockit.jfr.,\
                    org.jcp.xml.dsig.internal.,\
                    jdk.internal.,\
                    jdk.nashorn.internal.,\
--- a/src/share/lib/security/java.security-solaris	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/lib/security/java.security-solaris	Thu Jul 10 12:40:48 2014 -0700
@@ -208,7 +208,6 @@
                com.sun.org.glassfish.,\
                com.oracle.xmlns.internal.,\
                com.oracle.webservices.internal.,\
-               oracle.jrockit.jfr.,\
                org.jcp.xml.dsig.internal.,\
                jdk.internal.,\
                jdk.nashorn.internal.,\
@@ -254,7 +253,6 @@
                    com.sun.org.glassfish.,\
                    com.oracle.xmlns.internal.,\
                    com.oracle.webservices.internal.,\
-                   oracle.jrockit.jfr.,\
                    org.jcp.xml.dsig.internal.,\
                    jdk.internal.,\
                    jdk.nashorn.internal.,\
--- a/src/share/lib/security/java.security-windows	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/lib/security/java.security-windows	Thu Jul 10 12:40:48 2014 -0700
@@ -207,7 +207,6 @@
                com.sun.org.glassfish.,\
                com.oracle.xmlns.internal.,\
                com.oracle.webservices.internal.,\
-               oracle.jrockit.jfr.,\
                org.jcp.xml.dsig.internal.,\
                jdk.internal.,\
                jdk.nashorn.internal.,\
@@ -254,7 +253,6 @@
                    com.sun.org.glassfish.,\
                    com.oracle.xmlns.internal.,\
                    com.oracle.webservices.internal.,\
-                   oracle.jrockit.jfr.,\
                    org.jcp.xml.dsig.internal.,\
                    jdk.internal.,\
                    jdk.nashorn.internal.,\
--- a/src/share/native/common/check_code.c	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/native/common/check_code.c	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1357,16 +1357,9 @@
                 }
                 (*env)->DeleteLocalRef(env, super);
 
-                /* The optimizer make cause this to happen on local code */
+                /* The optimizer may cause this to happen on local code */
                 if (not_found) {
-#ifdef BROKEN_JAVAC
-                    jobject loader = JVM_GetClassLoader(env, context->class);
-                    int has_loader = (loader != 0);
-                    (*env)->DeleteLocalRef(env, loader);
-                    if (has_loader)
-#endif /* BROKEN_JAVAC */
-                        CCerror(context,
-                                "Illegal use of nonvirtual function call");
+                    CCerror(context, "Illegal use of nonvirtual function call");
                 }
             }
         }
--- a/src/share/native/java/lang/Class.c	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/native/java/lang/Class.c	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -45,7 +45,6 @@
 #define CLS "Ljava/lang/Class;"
 #define CPL "Lsun/reflect/ConstantPool;"
 #define STR "Ljava/lang/String;"
-#define JCL "Ljava/lang/ClassLoader;"
 #define FLD "Ljava/lang/reflect/Field;"
 #define MHD "Ljava/lang/reflect/Method;"
 #define CTR "Ljava/lang/reflect/Constructor;"
@@ -56,7 +55,6 @@
     {"getName0",         "()" STR,          (void *)&JVM_GetClassName},
     {"getSuperclass",    "()" CLS,          NULL},
     {"getInterfaces0",   "()[" CLS,         (void *)&JVM_GetClassInterfaces},
-    {"getClassLoader0",  "()" JCL,          (void *)&JVM_GetClassLoader},
     {"isInterface",      "()Z",             (void *)&JVM_IsInterface},
     {"getSigners",       "()[" OBJ,         (void *)&JVM_GetClassSigners},
     {"setSigners",       "([" OBJ ")V",     (void *)&JVM_SetClassSigners},
@@ -81,7 +79,6 @@
 #undef OBJ
 #undef CLS
 #undef STR
-#undef JCL
 #undef FLD
 #undef MHD
 #undef CTR
--- a/src/share/native/java/lang/java_props.h	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/share/native/java/lang/java_props.h	Thu Jul 10 12:40:48 2014 -0700
@@ -117,7 +117,7 @@
 
     char *exceptionList;
 
-    char *awt_headless  /* java.awt.headless setting, if NULL (default) will not be set */
+    char *awt_headless;  /* java.awt.headless setting, if NULL (default) will not be set */
 #endif
 
 } java_props_t;
--- a/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java	Thu Jul 10 12:40:48 2014 -0700
@@ -77,8 +77,7 @@
 
     static {
         defaultDomain = java.security.AccessController.doPrivileged(
-            new sun.security.action.GetPropertyAction("http.auth.ntlm.domain",
-                                                      "domain"));
+            new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", ""));
     };
 
     public static boolean supportsTransparentAuth () {
@@ -100,17 +99,13 @@
             public String run() {
                 String localhost;
                 try {
-                    localhost = InetAddress.getLocalHost().getHostName().toUpperCase();
+                    localhost = InetAddress.getLocalHost().getHostName();
                 } catch (UnknownHostException e) {
                      localhost = "localhost";
                 }
                 return localhost;
             }
         });
-        int x = hostname.indexOf ('.');
-        if (x != -1) {
-            hostname = hostname.substring (0, x);
-        }
     };
 
     PasswordAuthentication pw;
--- a/src/solaris/native/java/lang/locale_str.h	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/solaris/native/java/lang/locale_str.h	Thu Jul 10 12:40:48 2014 -0700
@@ -135,7 +135,7 @@
     "sr_SP", "sr_YU",
     "tchinese", "zh_TW",
 #endif
-    ""
+    "", "",
  };
 
 /*
@@ -188,7 +188,7 @@
     "japanese", "ja",
     "korean", "ko",
 #endif
-    "",
+    "", "",
 };
 
 /*
@@ -201,7 +201,7 @@
     "iqtelif", "Latn",
     "latin", "Latn",
 #endif
-    "",
+    "", "",
 };
 
 /*
@@ -212,7 +212,7 @@
     "RN", "US", // used on Linux, not clear what it stands for
 #endif
     "YU", "CS", // YU has been removed from ISO 3166
-    "",
+    "", "",
 };
 
 /*
@@ -220,5 +220,5 @@
  */
 static char *variant_names[] = {
     "nynorsk", "NY",
-    "",
+    "", "",
 };
--- a/src/windows/native/java/net/net_util_md.c	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/windows/native/java/net/net_util_md.c	Thu Jul 10 12:40:48 2014 -0700
@@ -443,6 +443,13 @@
 {
     int rv;
 
+    if (level == IPPROTO_IPV6 && optname == IPV6_TCLASS) {
+        int *intopt = (int *)optval;
+        *intopt = 0;
+        *optlen = sizeof(*intopt);
+        return 0;
+    }
+
     rv = getsockopt(s, level, optname, optval, optlen);
 
 
--- a/src/windows/native/sun/nio/ch/Net.c	Thu Jul 10 12:13:26 2014 -0700
+++ b/src/windows/native/sun/nio/ch/Net.c	Thu Jul 10 12:40:48 2014 -0700
@@ -295,9 +295,9 @@
     /**
      * HACK: IP_TOS is deprecated on Windows and querying the option
      * returns a protocol error. NET_GetSockOpt handles this and uses
-     * a fallback mechanism.
+     * a fallback mechanism. Same applies to IPV6_TCLASS
      */
-    if (level == IPPROTO_IP && opt == IP_TOS) {
+    if ((level == IPPROTO_IP && opt == IP_TOS) || (level == IPPROTO_IPV6 && opt == IPV6_TCLASS)) {
         mayNeedConversion = JNI_TRUE;
     }
 
@@ -340,6 +340,11 @@
         arglen = sizeof(arg);
     }
 
+    if (level == IPPROTO_IPV6 && opt == IPV6_TCLASS) {
+        /* No op */
+        return;
+    }
+
     if (mayNeedConversion) {
         n = NET_SetSockOpt(fdval(env, fdo), level, opt, parg, arglen);
     } else {
--- a/test/TEST.groups	Thu Jul 10 12:13:26 2014 -0700
+++ b/test/TEST.groups	Thu Jul 10 12:40:48 2014 -0700
@@ -362,7 +362,8 @@
   sun/reflect/CallerSensitive/CallerSensitiveFinder.java \
   sun/reflect/CallerSensitive/MissingCallerSensitive.java \
   sun/security/util/Resources/NewNamesFormat.java \
-  vm/verifier/defaultMethods/DefaultMethodRegressionTestsRun.java
+  vm/verifier/defaultMethods/DefaultMethodRegressionTestsRun.java \
+  javax/xml/ws/clientjar/TestWsImport.java 
 
 # JRE adds further tests to compact3
 #
@@ -388,6 +389,7 @@
   java/security/Security/ClassLoaderDeadlock/Deadlock.sh \
   java/util/jar/Manifest/CreateManifest.java \
   java/util/logging/TestMainAppContext.java \
+  java/util/logging/TestLoggingWithMainAppContext.java \
   java/util/ResourceBundle/Control/Bug6530694.java \
   java/text/Bidi/BidiConformance.java \
   java/text/Bidi/BidiEmbeddingTest.java \
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/crypto/provider/Cipher/PBE/PBESealedObject.java	Thu Jul 10 12:40:48 2014 -0700
@@ -0,0 +1,173 @@
+/*
+ * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.PrintStream;
+import java.security.AlgorithmParameters;
+import java.security.InvalidKeyException;
+import java.security.Provider;
+import java.security.Security;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+import java.util.Random;
+import java.util.StringTokenizer;
+import javax.crypto.Cipher;
+import javax.crypto.SealedObject;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.PBEParameterSpec;
+
+/**
+ * @test
+ * @bug 8041781
+ * @summary test if seal/unseal works correctly with PBE algorithms
+ * @author Yun Ke
+ * @author Bill Situ
+ * @author Alexander Fomin
+ * @run main PBESealedObject
+ */
+public class PBESealedObject {
+
+    private static final String[] PBEAlgorithms = {
+        "pbeWithMD5ANDdes",
+        "PBEWithMD5AndDES/CBC/PKCS5Padding",
+        "PBEWithMD5AndTripleDES",
+        "PBEWithMD5AndTripleDES/CBC/PKCS5Padding",
+        "PBEwithSHA1AndDESede",
+        "PBEwithSHA1AndDESede/CBC/PKCS5Padding",
+        "PBEwithSHA1AndRC2_40",
+        "PBEwithSHA1Andrc2_40/CBC/PKCS5Padding",
+        "PBEWithSHA1AndRC2_128",
+        "PBEWithSHA1andRC2_128/CBC/PKCS5Padding",
+        "PBEWithSHA1AndRC4_40",
+        "PBEWithsha1AndRC4_40/ECB/NoPadding",
+        "PBEWithSHA1AndRC4_128",
+        "pbeWithSHA1AndRC4_128/ECB/NoPadding",
+        "PBEWithHmacSHA1AndAES_128",
+        "PBEWithHmacSHA224AndAES_128",
+        "PBEWithHmacSHA256AndAES_128",
+        "PBEWithHmacSHA384AndAES_128",
+        "PBEWithHmacSHA512AndAES_128",
+        "PBEWithHmacSHA1AndAES_256",
+        "PBEWithHmacSHA224AndAES_256",
+        "PBEWithHmacSHA256AndAES_256",
+        "PBEWithHmacSHA384AndAES_256",
+        "PBEWithHmacSHA512AndAES_256"
+    };
+
+    public static void main(String[] args) {
+        PBESealedObject test = new PBESealedObject();
+        Provider sunjce = Security.getProvider("SunJCE");
+
+        if (!test.runAll(sunjce, System.out)) {
+            throw new RuntimeException("One or more tests have failed....");
+        }
+    }
+
+    public boolean runAll(Provider p, PrintStream out) {
+        boolean finalResult = true;
+
+        for (String algorithm : PBEAlgorithms) {
+            out.println("Running test with " + algorithm + ":");
+            try {
+                if (!runTest(p, algorithm, out)) {
+                    finalResult = false;
+                    out.println("STATUS: Failed");
+                } else {
+                    out.println("STATUS: Passed");
+                }
+            } catch (Exception ex) {
+                finalResult = false;
+                ex.printStackTrace(out);
+                out.println("STATUS:Failed");
+            }
+        }
+
+        return finalResult;
+    }
+
+    // Have a generic throws Exception as it can throw many different exceptions
+    public boolean runTest(Provider p, String algo, PrintStream out)
+            throws Exception {
+
+        byte[] salt = new byte[8];
+        int ITERATION_COUNT = 1000;
+        AlgorithmParameters pbeParams = null;
+
+        String baseAlgo
+                = new StringTokenizer(algo, "/").nextToken().toUpperCase();
+        boolean isAES = baseAlgo.contains("AES");
+
+        try {
+            // Initialization
+            Cipher ci = Cipher.getInstance(algo, p);
+            new Random().nextBytes(salt);
+            AlgorithmParameterSpec aps = new PBEParameterSpec(salt,
+                    ITERATION_COUNT);
+            SecretKeyFactory skf = SecretKeyFactory.getInstance(baseAlgo, p);
+            SecretKey key = skf.generateSecret(
+                    new PBEKeySpec("Secret Lover".toCharArray()));
+
+            // Seal
+            if (isAES) {
+                ci.init(Cipher.ENCRYPT_MODE, key);
+                pbeParams = ci.getParameters();
+            } else {
+                ci.init(Cipher.ENCRYPT_MODE, key, aps);
+            }
+
+            SealedObject so = new SealedObject(key, ci);
+
+            // Unseal and compare
+            if (isAES) {
+                ci.init(Cipher.DECRYPT_MODE, key, pbeParams);
+            } else {
+                ci.init(Cipher.DECRYPT_MODE, key, aps);
+            }
+
+            SecretKey unsealedKey;
+
+            unsealedKey = (SecretKey) so.getObject(ci);
+            if (!Arrays.equals(unsealedKey.getEncoded(), key.getEncoded())) {
+                return false;
+            }
+
+            unsealedKey = (SecretKey) so.getObject(key);
+            if (!Arrays.equals(unsealedKey.getEncoded(), key.getEncoded())) {
+                return false;
+            }
+
+            unsealedKey = (SecretKey) so.getObject(key, "SunJCE");
+            return Arrays.equals(unsealedKey.getEncoded(), key.getEncoded());
+        } catch (InvalidKeyException ex) {
+            if (baseAlgo.endsWith("TRIPLEDES") || baseAlgo.endsWith("AES_256")) {
+                out.println(
+                        "Expected exception , keyStrength > 128 within" + algo);
+                return true;
+            }
+
+            throw ex;
+        }
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/crypto/provider/Cipher/PBE/PBKDF2Translate.java	Thu Jul 10 12:40:48 2014 -0700
@@ -0,0 +1,311 @@
+/*
+ * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
+import java.util.Arrays;
+import java.util.Random;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.interfaces.PBEKey;
+import javax.crypto.spec.PBEKeySpec;
+
+/**
+ * @test
+ * @bug 8041781
+ * @summary Verify if the SecretKeyFactory.translateKey() method works
+ * @author Alexander Fomin
+ * @run main PBKDF2Translate
+ */
+public class PBKDF2Translate {
+
+    private static final String[] ALGO_TO_TEST = {
+        "PBKDF2WithHmacSHA1",
+        "PBKDF2WithHmacSHA224",
+        "PBKDF2WithHmacSHA256",
+        "PBKDF2WithHmacSHA384",
+        "PBKDF2WithHmacSHA512"
+    };
+
+    private static final String PASS_PHRASE = "some hidden string";
+    private static final int ITERATION_COUNT = 1000;
+    private static final int KEY_SIZE = 128;
+
+    private final String algoToTest;
+    private final byte[] salt = new byte[8];
+
+    public static void main(String[] args) throws Exception {
+
+        boolean failed = false;
+
+        for (String algo : ALGO_TO_TEST) {
+
+            System.out.println("Testing " + algo + ":");
+            PBKDF2Translate theTest = new PBKDF2Translate(algo);
+
+            try {
+                if (!theTest.testMyOwnSecretKey()
+                        || !theTest.generateAndTranslateKey()
+                        || !theTest.translateSpoiledKey()) {
+                    // we don't want to set failed to false
+                    failed = true;
+                }
+            } catch (InvalidKeyException | NoSuchAlgorithmException |
+                    InvalidKeySpecException e) {
+                e.printStackTrace(System.err);
+                failed = true;
+            }
+        }
+
+        if (failed) {
+            throw new RuntimeException("One or more tests failed....");
+        }
+    }
+
+    public PBKDF2Translate(String algoToTest) {
+        this.algoToTest = algoToTest;
+        new Random().nextBytes(this.salt);
+    }
+
+    /**
+     * The test case scenario implemented in the method: - derive PBKDF2 key
+     * using the given algorithm; - translate the key - check if the translated
+     * and original keys have the same key value.
+     *
+     * @return true if the test case passed; false - otherwise.
+     * @throws NoSuchAlgorithmException
+     * @throws InvalidKeySpecException
+     * @throws InvalidKeyException
+     */
+    public boolean generateAndTranslateKey() throws NoSuchAlgorithmException,
+            InvalidKeySpecException, InvalidKeyException {
+        // derive PBKDF2 key
+        SecretKey key1 = getSecretKeyForPBKDF2(algoToTest);
+
+        // translate key
+        SecretKeyFactory skf = SecretKeyFactory.getInstance(algoToTest);
+        SecretKey key2 = skf.translateKey(key1);
+
+        // check if it still the same after translation
+        if (!Arrays.equals(key1.getEncoded(), key2.getEncoded())) {
+            System.err.println("generateAndTranslateKey test case failed: the "
+                    + "key1 and key2 values in its primary encoding format are "
+                    + "not the same for " + algoToTest + "algorithm.");
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * The test case scenario implemented in the method: - derive Key1 for the
+     * given PBKDF2 algorithm - create my own secret Key2 as an instance of a
+     * class implements PBEKey - translate Key2 - check if the key value of the
+     * translated key and Key1 are the same.
+     *
+     * @return true if the test case passed; false - otherwise.
+     * @throws NoSuchAlgorithmException
+     * @throws InvalidKeySpecException
+     * @throws InvalidKeyException
+     */
+    public boolean testMyOwnSecretKey()
+            throws NoSuchAlgorithmException, InvalidKeySpecException,
+            InvalidKeyException {
+        SecretKey key1 = getSecretKeyForPBKDF2(algoToTest);
+        SecretKey key2 = getMyOwnSecretKey();
+
+        // Is it actually the same?
+        if (!Arrays.equals(key1.getEncoded(), key2.getEncoded())) {
+            System.err.println("We shouldn't be here. The key1 and key2 values "
+                    + "in its primary encoding format have to be the same!");
+            return false;
+        }
+
+        // Translate key
+        SecretKeyFactory skf = SecretKeyFactory.getInstance(algoToTest);
+        SecretKey key3 = skf.translateKey(key2);
+
+        // Check if it still the same after translation
+        if (!Arrays.equals(key1.getEncoded(), key3.getEncoded())) {
+            System.err.println("testMyOwnSecretKey test case failed: the key1 "
+                    + "and key3 values in its primary encoding format are not "
+                    + "the same for " + algoToTest + "algorithm.");
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * The test case scenario implemented in the method: - create my own secret
+     * Key2 as an instance of a class implements PBEKey - spoil the key (set
+     * iteration count to 0, for example) - try to translate key -
+     * InvalidKeyException is expected.
+     *
+     * @return true if InvalidKeyException occurred; false - otherwise.
+     * @throws NoSuchAlgorithmException
+     * @throws InvalidKeySpecException
+     */
+    public boolean translateSpoiledKey() throws NoSuchAlgorithmException,
+            InvalidKeySpecException {
+        // derive the key
+        SecretKey key1 = getMyOwnSecretKey();
+
+        // spoil the key
+        ((MyPBKDF2SecretKey) key1).spoil();
+
+        // translate key
+        SecretKeyFactory skf = SecretKeyFactory.getInstance(algoToTest);
+        try {
+            SecretKey key2 = skf.translateKey(key1);
+        } catch (InvalidKeyException ike) {
+            // this is expected
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * Generate a PBKDF2 secret key using given algorithm.
+     *
+     * @param algoToDeriveKey PBKDF2 algorithm
+     * @return PBKDF2 secret key
+     * @throws NoSuchAlgorithmException
+     * @throws InvalidKeySpecException
+     */
+    private SecretKey getSecretKeyForPBKDF2(String algoToDeriveKey)
+            throws NoSuchAlgorithmException, InvalidKeySpecException {
+        SecretKeyFactory skf = SecretKeyFactory.getInstance(algoToDeriveKey);
+
+        PBEKeySpec spec = new PBEKeySpec(PASS_PHRASE.toCharArray(),
+                this.salt, ITERATION_COUNT, KEY_SIZE);
+
+        return skf.generateSecret(spec);
+    }
+
+    /**
+     * Generate a secrete key as an instance of a class implements PBEKey.
+     *
+     * @return secrete key
+     * @throws InvalidKeySpecException
+     * @throws NoSuchAlgorithmException
+     */
+    private SecretKey getMyOwnSecretKey() throws InvalidKeySpecException,
+            NoSuchAlgorithmException {
+        return new MyPBKDF2SecretKey(PASS_PHRASE, this.algoToTest, this.salt,
+                ITERATION_COUNT, KEY_SIZE);
+    }
+}
+
+/**
+ * An utility class to check the SecretKeyFactory.translateKey() method.
+ */
+class MyPBKDF2SecretKey implements PBEKey {
+
+    private final byte[] key;
+    private final byte[] salt;
+    private final String algorithm;
+    private final int keySize, keyLength;
+    private int itereationCount;
+    private final String pass;
+
+    @Override
+    public String getAlgorithm() {
+        return algorithm;
+    }
+
+    @Override
+    public String getFormat() {
+        return "RAW";
+    }
+
+    @Override
+    public byte[] getEncoded() {
+        byte[] copy = new byte[keyLength];
+        System.arraycopy(this.key, 0, copy, 0, keyLength);
+        return copy;
+    }
+
+    /**
+     * The key is generating by SecretKeyFactory and its value just copying in
+     * the key field of MySecretKey class. So, this is real key derived using
+     * the given algorithm.
+     *
+     * @param passPhrase some string intended to be a password
+     * @param algo PBKDF2 algorithm
+     * @param salt slat for PBKDF2
+     * @param iterationCount iteration count
+     * @param keySize key size in bits
+     * @throws InvalidKeySpecException
+     * @throws NoSuchAlgorithmException
+     */
+    public MyPBKDF2SecretKey(String passPhrase, String algo, byte[] salt,
+            int iterationCount, int keySize)
+            throws InvalidKeySpecException, NoSuchAlgorithmException {
+        this.algorithm = algo;
+        this.salt = salt;
+        this.itereationCount = iterationCount;
+        this.keySize = keySize;
+        this.pass = passPhrase;
+
+        PBEKeySpec spec = new PBEKeySpec(passPhrase.toCharArray(),
+                this.salt, iterationCount, this.keySize);
+
+        SecretKeyFactory keyFactory
+                = SecretKeyFactory.getInstance(algo);
+
+        SecretKey realKey = keyFactory.generateSecret(spec);
+
+        this.keyLength = realKey.getEncoded().length;
+
+        this.key = new byte[this.keyLength];
+        System.arraycopy(realKey.getEncoded(), 0, this.key, 0,
+                this.keyLength);
+    }
+
+    @Override
+    public int getIterationCount() {
+        return itereationCount;
+    }
+
+    @Override
+    public byte[] getSalt() {
+        return salt;
+    }
+
+    @Override
+    public char[] getPassword() {
+        return this.pass.toCharArray();
+    }
+
+    /**
+     * Spoil the generated key (before translation) to cause an
+     * InvalidKeyException
+     */
+    public void spoil() {
+        this.itereationCount = -1;
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/crypto/provider/Cipher/PBE/TestCipherKeyWrapperPBEKey.java	Thu Jul 10 12:40:48 2014 -0700
@@ -0,0 +1,168 @@
+/*
+ * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.PrintStream;
+import java.security.AlgorithmParameters;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.Provider;
+import java.security.Security;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+import java.util.Random;
+import java.util.StringTokenizer;
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.PBEParameterSpec;
+
+/**
+ * @test
+ * @bug 8041781
+ * @summary Test to see if key wrapper works correctly with PBEKey
+ * @author Yu-Ching (Valerie) PENG
+ * @author Bill Situ
+ * @author Yun Ke
+ * @run main TestCipherKeyWrapperPBEKey
+ */
+public class TestCipherKeyWrapperPBEKey {
+
+    private static final String[] PBEAlgorithms = {
+        "pbeWithMD5ANDdes",
+        "PBEWithMD5AndDES/CBC/PKCS5Padding",
+        "PBEWithMD5AndTripleDES",
+        "PBEWithMD5AndTripleDES/CBC/PKCS5Padding",
+        "PBEwithSHA1AndDESede",
+        "PBEwithSHA1AndDESede/CBC/PKCS5Padding",
+        "PBEwithSHA1AndRC2_40",
+        "PBEwithSHA1Andrc2_40/CBC/PKCS5Padding",
+        "PBEWithSHA1AndRC2_128",
+        "PBEWithSHA1andRC2_128/CBC/PKCS5Padding",
+        "PBEWithSHA1AndRC4_40",
+        "PBEWithsha1AndRC4_40/ECB/NoPadding",
+        "PBEWithSHA1AndRC4_128",
+        "pbeWithSHA1AndRC4_128/ECB/NoPadding",
+        "PBEWithHmacSHA1AndAES_128",
+        "PBEWithHmacSHA224AndAES_128",
+        "PBEWithHmacSHA256AndAES_128",
+        "PBEWithHmacSHA384AndAES_128",
+        "PBEWithHmacSHA512AndAES_128",
+        "PBEWithHmacSHA1AndAES_256",
+        "PBEWithHmacSHA224AndAES_256",
+        "PBEWithHmacSHA256AndAES_256",
+        "PBEWithHmacSHA384AndAES_256",
+        "PBEWithHmacSHA512AndAES_256"
+    };
+
+    public static void main(String[] args) {
+
+        TestCipherKeyWrapperPBEKey test = new TestCipherKeyWrapperPBEKey();
+        Provider sunjce = Security.getProvider("SunJCE");
+
+        if (!test.runAll(sunjce, System.out)) {
+            throw new RuntimeException("One or more tests have failed....");
+        }
+    }
+
+    public boolean runAll(Provider p, PrintStream out) {
+        boolean finalResult = true;
+
+        for (String algorithm : PBEAlgorithms) {
+            out.println("Running test with " + algorithm + ":");
+            try {
+                if (!runTest(p, algorithm, out)) {
+                    finalResult = false;
+                    out.println("STATUS: Failed");
+                } else {
+                    out.println("STATUS: Passed");
+                }
+            } catch (Exception ex) {
+                finalResult = false;
+                ex.printStackTrace(out);
+                out.println("STATUS:Failed");
+            }
+        }
+
+        return finalResult;
+    }
+
+    // Have a generic throws Exception as it can throw many different exceptions
+    public boolean runTest(Provider p, String algo, PrintStream out)
+            throws Exception {
+
+        byte[] salt = new byte[8];
+        int ITERATION_COUNT = 1000;
+        AlgorithmParameters pbeParams = null;
+
+        String baseAlgo
+                = new StringTokenizer(algo, "/").nextToken().toUpperCase();
+        boolean isAES = baseAlgo.contains("AES");
+
+        try {
+            // Initialization
+            new Random().nextBytes(salt);
+            AlgorithmParameterSpec aps = new PBEParameterSpec(salt,
+                    ITERATION_COUNT);
+            SecretKeyFactory skf = SecretKeyFactory.getInstance(baseAlgo, p);
+            SecretKey key = skf.generateSecret(new PBEKeySpec(
+                    "Secret Key".toCharArray()));
+            Cipher ci = Cipher.getInstance(algo);
+
+            if (isAES) {
+                ci.init(Cipher.WRAP_MODE, key);
+                pbeParams = ci.getParameters();
+            } else {
+                ci.init(Cipher.WRAP_MODE, key, aps);
+            }
+
+            byte[] keyWrapper = ci.wrap(key);
+            if (isAES) {
+                ci.init(Cipher.UNWRAP_MODE, key, pbeParams);
+            } else {
+                ci.init(Cipher.UNWRAP_MODE, key, aps);
+            }
+
+            Key unwrappedKey = ci.unwrap(keyWrapper, algo, Cipher.SECRET_KEY);
+
+            if (baseAlgo.endsWith("TRIPLEDES")
+                    || baseAlgo.endsWith("AES_256")) {
+                out.print(
+                        "InvalidKeyException not thrown when keyStrength > 128");
+                return false;
+            }
+
+            return (Arrays.equals(key.getEncoded(), unwrappedKey.getEncoded()));
+
+        } catch (InvalidKeyException ex) {
+
+            if ((baseAlgo.endsWith("TRIPLEDES")
+                    || baseAlgo.endsWith("AES_256"))) {
+                out.println("Expected InvalidKeyException, keyStrength > 128");
+                return true;
+            } else {
+                throw ex;
+            }
+        }
+    }
+}
--- a/test/com/sun/jndi/ldap/LdapTimeoutTest.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/test/com/sun/jndi/ldap/LdapTimeoutTest.java	Thu Jul 10 12:40:48 2014 -0700
@@ -27,6 +27,8 @@
  * @summary Timeout tests for ldap
  */
 
+import com.sun.jndi.ldap.Connection;
+
 import java.net.Socket;
 import java.net.ServerSocket;
 import java.net.SocketTimeoutException;
@@ -38,7 +40,9 @@
 import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.ScheduledFuture;
-import java.util.concurrent.TimeUnit;
+
+import static java.util.concurrent.TimeUnit.MILLISECONDS;
+import static java.util.concurrent.TimeUnit.NANOSECONDS;
 
 public class LdapTimeoutTest {
     private static final ScheduledExecutorService pool =
@@ -85,7 +89,7 @@
     void ldapReadTimeoutTest(Hashtable env, boolean ssl) {
         InitialContext ctx = null;
         if (ssl) env.put(Context.SECURITY_PROTOCOL, "ssl");
-        ScheduledFuture killer = killSwitch(5000);
+        ScheduledFuture killer = killSwitch(5_000);
         long start = System.nanoTime();
         try {
             ctx = new InitialDirContext(env);
@@ -113,7 +117,7 @@
 
     void simpleAuthConnectTest(Hashtable env) {
         InitialContext ctx = null;
-        ScheduledFuture killer = killSwitch(5000);
+        ScheduledFuture killer = killSwitch(5_000);
         long start = System.nanoTime();
         try {
             ctx = new InitialDirContext(env);
@@ -123,7 +127,7 @@
         } catch (NamingException e) {
             long end = System.nanoTime();
             if (e.getCause() instanceof SocketTimeoutException) {
-                if (TimeUnit.NANOSECONDS.toMillis(end - start) < 2900) {
+                if (NANOSECONDS.toMillis(end - start) < 2_900) {
                     pass();
                 } else {
                     System.err.println("Fail: Waited too long");
@@ -142,7 +146,7 @@
 
     void deadServerNoTimeout(Hashtable env) {
         InitialContext ctx = null;
-        ScheduledFuture killer = killSwitch(30000);
+        ScheduledFuture killer = killSwitch(30_000);
         long start = System.nanoTime();
         try {
             ctx = new InitialDirContext(env);
@@ -154,9 +158,13 @@
             fail();
         } catch (NamingException e) {
             long end = System.nanoTime();
-            if (TimeUnit.NANOSECONDS.toMillis(end - start) < 14000) {
-                System.err.println("fail: timeout should be at least 15 seconds, actual time: "
-                                   + TimeUnit.NANOSECONDS.toMillis(end - start));
+            long elapsed = NANOSECONDS.toMillis(end - start);
+            if (elapsed < Connection.DEFAULT_READ_TIMEOUT_MILLIS) {
+                System.err.printf(
+                        "fail: timeout should be at least %s ms, actual time is %s ms",
+                        Connection.DEFAULT_READ_TIMEOUT_MILLIS,
+                        elapsed);
+                e.printStackTrace();
                 fail();
             } else {
                 pass();
@@ -184,7 +192,7 @@
                 System.exit(0);
                 return null;
             }
-        }, ms, TimeUnit.MILLISECONDS);
+        }, ms, MILLISECONDS);
     }
 
     static class Server extends Thread {
--- a/test/com/sun/security/sasl/ntlm/NTLMTest.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/test/com/sun/security/sasl/ntlm/NTLMTest.java	Thu Jul 10 12:40:48 2014 -0700
@@ -23,7 +23,7 @@
 
 /*
  * @test
- * @bug 6911951
+ * @bug 6911951 7150092
  * @summary NTLM should be a supported Java SASL mechanism
  */
 import java.io.IOException;
@@ -59,7 +59,6 @@
 
         checkAuthOnly();
         checkClientNameOverride();
-        checkServerDomainOverride();
         checkClientDomainOverride();
         checkVersions();
         checkClientHostname();
@@ -116,15 +115,12 @@
         Map<String,Object> ps = new HashMap<>();
         ps.put("com.sun.security.sasl.ntlm.version", vs);
         SaslClient clnt = Sasl.createSaslClient(
-                new String[]{MECH}, USER1, PROTOCOL, null, pc,
+                new String[]{MECH}, USER1, PROTOCOL, REALM, pc,
                 new CallbackHandler() {
                     public void handle(Callback[] callbacks)
                             throws IOException, UnsupportedCallbackException {
                         for (Callback cb: callbacks) {
-                            if (cb instanceof NameCallback) {
-                                NameCallback ncb = (NameCallback)cb;
-                                ncb.setName(ncb.getDefaultName());
-                            } else if (cb instanceof PasswordCallback) {
+                            if (cb instanceof PasswordCallback) {
                                 ((PasswordCallback)cb).setPassword(PASS1);
                             }
                         }
@@ -159,15 +155,12 @@
         Map<String,Object> pc = new HashMap<>();
         pc.put("com.sun.security.sasl.ntlm.hostname", "this.is.com");
         SaslClient clnt = Sasl.createSaslClient(
-                new String[]{MECH}, USER1, PROTOCOL, null, pc,
+                new String[]{MECH}, USER1, PROTOCOL, REALM, pc,
                 new CallbackHandler() {
                     public void handle(Callback[] callbacks)
                             throws IOException, UnsupportedCallbackException {
                         for (Callback cb: callbacks) {
-                            if (cb instanceof NameCallback) {
-                                NameCallback ncb = (NameCallback)cb;
-                                ncb.setName(ncb.getDefaultName());
-                            } else if (cb instanceof PasswordCallback) {
+                            if (cb instanceof PasswordCallback) {
                                 ((PasswordCallback)cb).setPassword(PASS1);
                             }
                         }
@@ -212,12 +205,8 @@
                     public void handle(Callback[] callbacks)
                             throws IOException, UnsupportedCallbackException {
                         for (Callback cb: callbacks) {
-                            if (cb instanceof NameCallback) {
-                                NameCallback ncb = (NameCallback)cb;
-                                ncb.setName(ncb.getDefaultName());
-                            } else if(cb instanceof RealmCallback) {
-                                RealmCallback dcb = (RealmCallback)cb;
-                                dcb.setText("THIRDDOMAIN");
+                            if (cb instanceof RealmCallback) {
+                                ((RealmCallback)cb).setText(REALM);
                             } else if (cb instanceof PasswordCallback) {
                                 ((PasswordCallback)cb).setPassword(PASS1);
                             }
@@ -255,13 +244,13 @@
      */
     private static void checkClientNameOverride() throws Exception {
         SaslClient clnt = Sasl.createSaslClient(
-                new String[]{MECH}, null, PROTOCOL, null, null,
+                new String[]{MECH}, "someone", PROTOCOL, REALM, null,
                 new CallbackHandler() {
                     public void handle(Callback[] callbacks)
                             throws IOException, UnsupportedCallbackException {
                         for (Callback cb: callbacks) {
                             if (cb instanceof NameCallback) {
-                                NameCallback ncb = (NameCallback)cb;
+                                NameCallback ncb = (NameCallback) cb;
                                 ncb.setName(USER1);
                             } else if (cb instanceof PasswordCallback) {
                                 ((PasswordCallback)cb).setPassword(PASS1);
@@ -270,54 +259,7 @@
                     }
                 });
 
-        SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, REALM, null,
-                new CallbackHandler() {
-                    public void handle(Callback[] callbacks)
-                            throws IOException, UnsupportedCallbackException {
-                        String domain = null, name = null;
-                        PasswordCallback pcb = null;
-                        for (Callback cb: callbacks) {
-                            if (cb instanceof NameCallback) {
-                                name = ((NameCallback)cb).getDefaultName();
-                            } else if (cb instanceof RealmCallback) {
-                                domain = ((RealmCallback)cb).getDefaultText();
-                            } else if (cb instanceof PasswordCallback) {
-                                pcb = (PasswordCallback)cb;
-                            }
-                        }
-                        if (pcb != null) {
-                            pcb.setPassword(getPass(domain, name));
-                        }
-                    }
-                });
-
-        handshake(clnt, srv);
-    }
-
-    /**
-     * server side domain provided in props.
-     * @throws Exception
-     */
-    private static void checkServerDomainOverride() throws Exception {
-        SaslClient clnt = Sasl.createSaslClient(
-                new String[]{MECH}, USER1, PROTOCOL, null, null,
-                new CallbackHandler() {
-                    public void handle(Callback[] callbacks)
-                            throws IOException, UnsupportedCallbackException {
-                        for (Callback cb: callbacks) {
-                            if (cb instanceof NameCallback) {
-                                NameCallback ncb = (NameCallback)cb;
-                                ncb.setName(ncb.getDefaultName());
-                            } else if (cb instanceof PasswordCallback) {
-                                ((PasswordCallback)cb).setPassword(PASS1);
-                            }
-                        }
-                    }
-                });
-
-        Map<String,Object> ps = new HashMap<>();
-        ps.put("com.sun.security.sasl.ntlm.domain", REALM);
-        SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, null, ps,
+        SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, "FAKE", null,
                 new CallbackHandler() {
                     public void handle(Callback[] callbacks)
                             throws IOException, UnsupportedCallbackException {
--- a/test/java/lang/SecurityManager/CheckPackageAccess.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/test/java/lang/SecurityManager/CheckPackageAccess.java	Thu Jul 10 12:40:48 2014 -0700
@@ -80,7 +80,6 @@
         "com.sun.org.glassfish.",
         "com.oracle.xmlns.internal.",
         "com.oracle.webservices.internal.",
-        "oracle.jrockit.jfr.",
         "org.jcp.xml.dsig.internal.",
         "jdk.internal.",
         "jdk.nashorn.internal.",
--- a/test/java/text/Bidi/Bug7051769.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/test/java/text/Bidi/Bug7051769.java	Thu Jul 10 12:40:48 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,8 +23,11 @@
 
 /*
  * @test
- * @bug 7051769
+ * @bug 7051769 8038092
  * @summary verify that Bidi.toString() returns the corect result.
+ *     The second run is intended to test lazy SharedSectets init for 8038092
+ * @run main Bug7051769
+ * @run main/othervm -DpreloadBidi=true Bug7051769
  */
 import java.awt.font.*;
 import java.text.*;
@@ -32,6 +35,18 @@
 
 public class Bug7051769 {
 
+    static {
+        if (System.getProperty("preloadBidi", "").equals("true")) {
+            // Make sure the SharedSecret is lazily initialized correctly
+            try {
+                Class.forName("sun.text.bidi.BidiBase");
+                System.out.println("BidiBase class has been pre-loaded.");
+            } catch (ClassNotFoundException e) {
+                System.out.println("BidiBase class could not be pre-loaded.");
+            }
+        }
+    }
+
     private static boolean err = false;
 
     public static void main(String[] args) {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/util/logging/CheckZombieLockTest.java	Thu Jul 10 12:40:48 2014 -0700
@@ -0,0 +1,369 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug     8048020
+ * @author  Daniel Fuchs
+ * @summary Regression on java.util.logging.FileHandler.
+ *     The fix is to avoid filling up the file system with zombie lock files.
+ *
+ * @run  main/othervm CheckZombieLockTest WRITABLE CLOSE CLEANUP
+ * @run  main/othervm CheckZombieLockTest CLEANUP
+ * @run  main/othervm CheckZombieLockTest WRITABLE
+ * @run  main/othervm CheckZombieLockTest CREATE_FIRST
+ * @run  main/othervm CheckZombieLockTest CREATE_NEXT
+ * @run  main/othervm CheckZombieLockTest CREATE_NEXT
+ * @run  main/othervm CheckZombieLockTest CLEANUP
+ * @run  main/othervm CheckZombieLockTest REUSE
+ * @run  main/othervm CheckZombieLockTest CLEANUP
+ */
+import java.io.File;
+import java.io.IOException;
+import java.nio.channels.FileChannel;
+import java.nio.file.Paths;
+import java.nio.file.StandardOpenOption;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
+import java.util.logging.FileHandler;
+import java.util.logging.Level;
+import java.util.logging.LogRecord;
+public class CheckZombieLockTest {
+
+    private static final String WRITABLE_DIR = "writable-dir";
+    private static volatile boolean supportsLocking = true;
+
+    static enum TestCase {
+        WRITABLE,  // just verifies that we can create a file in our 'writable-dir'
+        CLOSE, // checks that closing a FileHandler removes its lock file
+        CREATE_FIRST, // verifies that 'writable-dir' contains no lock, then creates a first FileHandler.
+        CREATE_NEXT, // verifies that 'writable-dir' contains a single lock, then creates the next FileHandler
+        REUSE, // verifies that zombie lock files can be reused
+        CLEANUP // removes "writable-dir"
+    };
+
+    public static void main(String... args) throws IOException {
+        // we'll base all file creation attempts on the system temp directory,
+        // %t
+        File writableDir = setup();
+        System.out.println("Writable dir is: "+writableDir.getAbsolutePath());
+        // we now have one writable directory to work with:
+        //    writableDir
+        if (args == null || args.length == 0) {
+            args = new String[] { "WRITABLE", "CLOSE", "CLEANUP" };
+        }
+        try {
+            runTests(writableDir, args);
+        } catch (RuntimeException | IOException | Error x) {
+            // some error occured: cleanup
+            delete(writableDir);
+            throw x;
+        }
+    }
+
+    /**
+     * @param writableDir in which log and lock file are created
+     * @throws SecurityException
+     * @throws RuntimeException
+     * @throws IOException
+     */
+    private static void runTests(File writableDir, String... args) throws SecurityException,
+            RuntimeException, IOException {
+        for (String arg : args) {
+            switch(TestCase.valueOf(arg)) {
+                // Test 1: makes sure we can create FileHandler in writable directory
+                case WRITABLE: checkWritable(writableDir); break;
+                // Test 2: verifies that FileHandler.close() cleans up its lock file
+                case CLOSE: testFileHandlerClose(writableDir); break;
+                // Test 3: creates the first file handler
+                case CREATE_FIRST: testFileHandlerCreate(writableDir, true); break;
+                // Test 4, 5, ... creates the next file handler
+                case CREATE_NEXT: testFileHandlerCreate(writableDir, false); break;
+                // Checks that zombie lock files are reused appropriatly
+                case REUSE: testFileHandlerReuse(writableDir); break;
+                // Removes the writableDir
+                case CLEANUP: delete(writableDir); break;
+                default: throw new RuntimeException("No such test case: "+arg);
+            }
+        }
+    }
+
+    /**
+     * @param writableDir in which log and lock file are created
+     * @throws SecurityException
+     * @throws RuntimeException
+     * @throws IOException
+     */
+    private static void checkWritable(File writableDir) throws SecurityException,
+            RuntimeException, IOException {
+        // Test 1: make sure we can create/delete files in the writable dir.
+        final File file = new File(writableDir, "test.txt");
+        if (!createFile(file, false)) {
+            throw new IOException("Can't create "+file+"\n\tUnable to run test");
+        } else {
+            delete(file);
+        }
+    }
+
+
+    private static FileHandler createFileHandler(File writableDir) throws SecurityException,
+            RuntimeException, IOException {
+        // Test 1: make sure we can create FileHandler in writable directory
+        try {
+            FileHandler handler = new FileHandler("%t/" + WRITABLE_DIR + "/log.log");
+            handler.publish(new LogRecord(Level.INFO, handler.toString()));
+            handler.flush();
+            return handler;
+        } catch (IOException ex) {
+            throw new RuntimeException("Test failed: should have been able"
+                    + " to create FileHandler for " + "%t/" + WRITABLE_DIR
+                    + "/log.log in writable directory.", ex);
+        }
+    }
+
+    private static List<File> listLocks(File writableDir, boolean print)
+            throws IOException {
+        List<File> locks = new ArrayList<>();
+        for (File f : writableDir.listFiles()) {
+            if (print) {
+                System.out.println("Found file: " + f.getName());
+            }
+            if (f.getName().endsWith(".lck")) {
+                locks.add(f);
+            }
+        }
+        return locks;
+    }
+
+    private static void testFileHandlerClose(File writableDir) throws IOException {
+        File fakeLock = new File(writableDir, "log.log.lck");
+        if (!createFile(fakeLock, false)) {
+            throw new IOException("Can't create fake lock file: "+fakeLock);
+        }
+        try {
+            List<File> before = listLocks(writableDir, true);
+            System.out.println("before: " +before.size() + " locks found");
+            FileHandler handler = createFileHandler(writableDir);
+            System.out.println("handler created: "+handler);
+            List<File> after = listLocks(writableDir, true);
+            System.out.println("after creating handler: " + after.size() + " locks found");
+            handler.close();
+            System.out.println("handler closed: "+handler);
+            List<File> afterClose = listLocks(writableDir, true);
+            System.out.println("after closing handler: " + afterClose.size() + " locks found");
+            afterClose.removeAll(before);
+            if (!afterClose.isEmpty()) {
+                throw new RuntimeException("Zombie lock file detected: "+ afterClose);
+            }
+        } finally {
+            if (fakeLock.canRead()) delete(fakeLock);
+        }
+        List<File> finalLocks = listLocks(writableDir, false);
+        System.out.println("After cleanup: " + finalLocks.size() + " locks found");
+    }
+
+
+    private static void testFileHandlerReuse(File writableDir) throws IOException {
+        List<File> before = listLocks(writableDir, true);
+        System.out.println("before: " +before.size() + " locks found");
+        try {
+            if (!before.isEmpty()) {
+                throw new RuntimeException("Expected no lock file! Found: "+before);
+            }
+        } finally {
+            before.stream().forEach(CheckZombieLockTest::delete);
+        }
+
+        FileHandler handler1 = createFileHandler(writableDir);
+        System.out.println("handler created: "+handler1);
+        List<File> after = listLocks(writableDir, true);
+        System.out.println("after creating handler: " + after.size() + " locks found");
+        if (after.size() != 1) {
+            throw new RuntimeException("Unexpected number of lock files found for "+handler1+": "+after);
+        }
+        final File lock = after.get(0);
+        after.clear();
+        handler1.close();
+        after = listLocks(writableDir, true);
+        System.out.println("after closing handler: " + after.size() + " locks found");
+        if (!after.isEmpty()) {
+            throw new RuntimeException("Unexpected number of lock files found for "+handler1+": "+after);
+        }
+        if (!createFile(lock, false)) {
+            throw new IOException("Can't create fake lock file: "+lock);
+        }
+        try {
+            before = listLocks(writableDir, true);
+            System.out.println("before: " +before.size() + " locks found");
+            if (before.size() != 1) {
+                throw new RuntimeException("Unexpected number of lock files found: "+before+" expected ["
+                        +lock+"].");
+            }
+            FileHandler handler2 = createFileHandler(writableDir);
+            System.out.println("handler created: "+handler2);
+            after = listLocks(writableDir, true);
+            System.out.println("after creating handler: " + after.size() + " locks found");
+            after.removeAll(before);
+            if (!after.isEmpty()) {
+                throw new RuntimeException("Unexpected lock file found: "+after
+                        + "\n\t" + lock + " should have been reused");
+            }
+            handler2.close();
+            System.out.println("handler closed: "+handler2);
+            List<File> afterClose = listLocks(writableDir, true);
+            System.out.println("after closing handler: " + afterClose.size() + " locks found");
+            if (!afterClose.isEmpty()) {
+                throw new RuntimeException("Zombie lock file detected: "+ afterClose);
+            }
+
+            if (supportsLocking) {
+                FileChannel fc = FileChannel.open(Paths.get(lock.getAbsolutePath()),
+                    StandardOpenOption.CREATE_NEW, StandardOpenOption.APPEND,
+                    StandardOpenOption.WRITE);
+                try {
+                    if (fc.tryLock() != null) {
+                        System.out.println("locked: "+lock);
+                        handler2 = createFileHandler(writableDir);
+                        System.out.println("handler created: "+handler2);
+                        after = listLocks(writableDir, true);
+                        System.out.println("after creating handler: " + after.size() + " locks found");
+                        after.removeAll(before);
+                        if (after.size() != 1) {
+                            throw new RuntimeException("Unexpected lock files found: "+after
+                                + "\n\t" + lock + " should not have been reused");
+                        }
+                    } else {
+                        throw new RuntimeException("Failed to lock: "+lock);
+                    }
+                } finally {
+                    delete(lock);
+                }
+            }
+        } finally {
+            List<File> finalLocks = listLocks(writableDir, false);
+            System.out.println("end: " + finalLocks.size() + " locks found");
+            delete(writableDir);
+        }
+    }
+
+
+    private static void testFileHandlerCreate(File writableDir, boolean first)
+            throws IOException {
+        List<File> before = listLocks(writableDir, true);
+        System.out.println("before: " +before.size() + " locks found");
+        try {
+            if (first && !before.isEmpty()) {
+                throw new RuntimeException("Expected no lock file! Found: "+before);
+            } else if (!first && before.size() != 1) {
+                throw new RuntimeException("Expected a single lock file! Found: "+before);
+            }
+        } finally {
+            before.stream().forEach(CheckZombieLockTest::delete);
+        }
+        FileHandler handler = createFileHandler(writableDir);
+        System.out.println("handler created: "+handler);
+        List<File> after = listLocks(writableDir, true);
+        System.out.println("after creating handler: " + after.size() + " locks found");
+        if (after.size() != 1) {
+            throw new RuntimeException("Unexpected number of lock files found for "+handler+": "+after);
+        }
+    }
+
+
+    /**
+     * Setup all the files and directories needed for the tests
+     *
+     * @return writable directory created that needs to be deleted when done
+     * @throws RuntimeException
+     */
+    private static File setup() throws RuntimeException {
+        // First do some setup in the temporary directory (using same logic as
+        // FileHandler for %t pattern)
+        String tmpDir = System.getProperty("java.io.tmpdir"); // i.e. %t
+        if (tmpDir == null) {
+            tmpDir = System.getProperty("user.home");
+        }
+        File tmpOrHomeDir = new File(tmpDir);
+        // Create a writable directory here (%t/writable-dir)
+        File writableDir = new File(tmpOrHomeDir, WRITABLE_DIR);
+        if (!createFile(writableDir, true)) {
+            throw new RuntimeException("Test setup failed: unable to create"
+                    + " writable working directory "
+                    + writableDir.getAbsolutePath() );
+        }
+
+        // try to determine whether file locking is supported
+        try {
+            FileChannel fc = FileChannel.open(Paths.get(writableDir.getAbsolutePath(),
+                    UUID.randomUUID().toString()+".lck"),
+                    StandardOpenOption.CREATE_NEW, StandardOpenOption.APPEND,
+                    StandardOpenOption.DELETE_ON_CLOSE);
+            try {
+                fc.tryLock();
+            } catch(IOException x) {
+                supportsLocking = false;
+            } finally {
+                fc.close();
+            }
+        } catch(Throwable t) {
+            // should not happen
+            t.printStackTrace();
+        }
+        return writableDir;
+    }
+
+    /**
+     * @param newFile
+     * @return true if file already exists or creation succeeded
+     */
+    private static boolean createFile(File newFile, boolean makeDirectory) {
+        if (newFile.exists()) {
+            return true;
+        }
+        if (makeDirectory) {
+            return newFile.mkdir();
+        } else {
+            try {
+                return newFile.createNewFile();
+            } catch (IOException ioex) {
+                ioex.printStackTrace();
+                return false;
+            }
+        }
+    }
+
+    /*
+     * Recursively delete all files starting at specified file
+     */
+    private static void delete(File f) {
+        if (f != null && f.isDirectory()) {
+            for (File c : f.listFiles())
+                delete(c);
+        }
+        if (!f.delete())
+            System.err.println(
+                    "WARNING: unable to delete/cleanup writable test directory: "
+                    + f );
+        }
+}
--- a/test/java/util/logging/LoggingDeadlock2.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/test/java/util/logging/LoggingDeadlock2.java	Thu Jul 10 12:40:48 2014 -0700
@@ -28,7 +28,7 @@
  * @author  Serguei Spitsyn / Hitachi / Martin Buchholz
  *
  * @build    LoggingDeadlock2
- * @run  main/timeout=15 LoggingDeadlock2
+ * @run  main LoggingDeadlock2
  *
  * There is a clear deadlock between LogManager.<clinit> and
  * Cleaner.run() methods.
--- a/test/sun/security/krb5/auto/SaslBasic.java	Thu Jul 10 12:13:26 2014 -0700
+++ b/test/sun/security/krb5/auto/SaslBasic.java	Thu Jul 10 12:40:48 2014 -0700
@@ -29,6 +29,8 @@
  * @run main/othervm SaslBasic bound
  * @run main/othervm SaslBasic unbound
  */
+import com.sun.security.jgss.InquireType;
+
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.HashMap;
@@ -82,11 +84,17 @@
             }
         }
         if (!bound) {
-            String boundName = (String)ss.getNegotiatedProperty(Sasl.BOUND_SERVER_NAME);
+            String boundName = (String)ss.getNegotiatedProperty(
+                    Sasl.BOUND_SERVER_NAME);
             if (!boundName.equals(name)) {
                 throw new Exception("Wrong bound server name");
             }
         }
+        Object key = ss.getNegotiatedProperty(
+                "com.sun.security.jgss.inquiretype.krb5_get_session_key");
+        if (key == null) {
+            throw new Exception("Extended negotiated property not read");
+        }
         byte[] hello = "hello".getBytes();
         token = sc.wrap(hello, 0, hello.length);
         token = ss.unwrap(token, 0, token.length);