changeset 10409:82e7251af1d0

Merge
author prr
date Wed, 16 Jul 2014 15:12:24 -0700
parents 8e8502b4b2be 9c9237dcda7a
children c08675c5da7c
files make/CopyFiles.gmk make/profile-includes.txt src/share/classes/com/sun/jmx/remote/util/CacheMap.java src/share/classes/java/awt/Toolkit.java src/share/classes/javax/swing/filechooser/FileSystemView.java src/share/lib/security/BlacklistedCertsConverter.java src/share/lib/security/blacklisted.certs src/share/lib/security/blacklisted.certs.pem test/java/util/stream/test/org/openjdk/tests/java/util/stream/ExplodeOpTest.java test/java/util/stream/test/org/openjdk/tests/java/util/stream/SummaryStatisticsTest.java test/javax/management/remote/mandatory/util/CacheMapTest.java
diffstat 320 files changed, 4170 insertions(+), 2875 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags	Wed Jul 16 16:02:51 2014 +0400
+++ b/.hgtags	Wed Jul 16 15:12:24 2014 -0700
@@ -263,3 +263,5 @@
 6ad17b31f0d30593392b1e8695b9709dbbd7fb70 jdk9-b18
 27561aede285c25a3e9ed8bf8918234ad3bb81e3 jdk9-b19
 f87c5be90e01a7ffb47947108eb3e0b0b1920880 jdk9-b20
+2df45ac1bf491278f38c12e0dfbeebadb6c54c8c jdk9-b21
+85bcf0f99edc08873614afbe5a5563e13ce13c83 jdk9-b22
--- a/make/CopyFiles.gmk	Wed Jul 16 16:02:51 2014 +0400
+++ b/make/CopyFiles.gmk	Wed Jul 16 15:12:24 2014 -0700
@@ -402,16 +402,11 @@
 
 ##########################################################################################
 
-BLACKLISTED_CERTS_SRC := $(JDK_TOPDIR)/src/share/lib/security/blacklisted.certs
-BLACKLISTED_CERTS_DST := $(JDK_OUTPUTDIR)/lib/security/blacklisted.certs
-
 ifndef OPENJDK
 
   BLACKLIST_SRC := $(JDK_TOPDIR)/src/closed/share/lib/security/blacklist
   BLACKLIST_DST := $(JDK_OUTPUTDIR)/lib/security/blacklist
 
-  BLACKLISTED_CERTS_SRC += $(wildcard $(JDK_TOPDIR)/src/closed/share/lib/security/blacklisted.certs)
-
   TRUSTEDLIBS_SRC := $(JDK_TOPDIR)/src/closed/share/lib/security/trusted.libraries
   TRUSTEDLIBS_DST := $(JDK_OUTPUTDIR)/lib/security/trusted.libraries
 
@@ -427,20 +422,6 @@
 
 endif
 
-$(BLACKLISTED_CERTS_DST): $(BLACKLISTED_CERTS_SRC)
-	$(MKDIR) -p $(@D)
-	$(CAT) $^ | $(SED) '/^$$/d' | $(SORT) | $(UNIQ) > $@.tmp
-	$(GREP) -i Algorithm $@.tmp > $@
-	if [ `$(SED) -n -e "$$=" $@` != 1 ]; then \
-	   $(ECHO) "Different algorithms defined in $^"; \
-	   $(RM) $@ $@.tmp; \
-	   false; \
-	fi
-	$(GREP) -iv Algorithm $@.tmp >> $@
-	$(RM) $@.tmp
-
-COPY_FILES += $(BLACKLISTED_CERTS_DST)
-
 ##########################################################################################
 
 ifndef OPENJDK
--- a/make/GenerateData.gmk	Wed Jul 16 16:02:51 2014 +0400
+++ b/make/GenerateData.gmk	Wed Jul 16 15:12:24 2014 -0700
@@ -50,6 +50,9 @@
 include gendata/GendataHtml32dtd.gmk
 GENDATA += $(GENDATA_HTML32DTD)
 
+include gendata/GendataBlacklistedCerts.gmk
+GENDATA += $(GENDATA_BLACKLISTED_CERTS)
+
 ##########################################################################################
 
 GENDATA_UNINAME := $(JDK_OUTPUTDIR)/classes/java/lang/uniName.dat
--- a/make/Tools.gmk	Wed Jul 16 16:02:51 2014 +0400
+++ b/make/Tools.gmk	Wed Jul 16 15:12:24 2014 -0700
@@ -87,6 +87,9 @@
 TOOL_TZDB = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \
     build.tools.tzdb.TzdbZoneRulesCompiler
 
+TOOL_BLACKLISTED_CERTS = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \
+    build.tools.blacklistedcertsconverter.BlacklistedCertsConverter
+
 
 # TODO: There are references to the jdwpgen.jar in jdk/make/netbeans/jdwpgen/build.xml
 # and nbproject/project.properties in the same dir. Needs to be looked at.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/data/blacklistedcertsconverter/blacklisted.certs.pem	Wed Jul 16 15:12:24 2014 -0700
@@ -0,0 +1,727 @@
+#! java BlacklistedCertsConverter SHA-256
+
+# The line above must be the first line of the blacklisted.certs.pem
+# file inside src/share/lib/security/. It will be ignored if added in
+# src/closed/share/lib/security/blacklisted.certs.pem.
+
+// Subject: CN=Digisign Server ID (Enrich),
+//          OU=457608-K,
+//          O=Digicert Sdn. Bhd.,
+//          C=MY
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120001705 (07:27:14:a9)
+-----BEGIN CERTIFICATE-----
+MIIDyzCCAzSgAwIBAgIEBycUqTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA3MDcxNzE1MTc0OFoXDTEyMDcxNzE1MTY1NFowYzELMAkG
+A1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNkbi4gQmhkLjERMA8GA1UECxMI
+NDU3NjA4LUsxJDAiBgNVBAMTG0RpZ2lzaWduIFNlcnZlciBJRCAoRW5yaWNoKTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArahkS02Hx4RZufuQRqCmicDx/tXa
+VII3DZkrRSYK6Fawf8qo9I5HhAGCKeOzarWR8/uVhbxyqGToCkCcxfRxrnt7agfq
+kBRPjYmvlKuyBtQCanuYH1m5Os1U+iDfsioK6bjdaZDAKdNO0JftZszFGUkGf/pe
+LHx7hRsyQt97lSUCAwEAAaOCAXgwggF0MBIGA1UdEwEB/wQIMAYBAf8CAQAwXAYD
+VR0gBFUwUzBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcCARYtaHR0cDovL2N5YmVy
+dHJ1c3Qub21uaXJvb3QuY29tL3JlcG9zaXRvcnkuY2ZtMAcGBWCDSgEBMA4GA1Ud
+DwEB/wQEAwIB5jCBiQYDVR0jBIGBMH+heaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
+bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
+b3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0
+LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFMYWk04WF+wW
+royUdvOGbcV0boR3MA0GCSqGSIb3DQEBBQUAA4GBAHYAe6Z4K2Ydjl42xqSOBfIj
+knyTZ9P0wAp9iy3Z6tVvGvPhSilaIoRNUC9LDPL/hcJ7VdREgr5trGeOvLQfkpxR
+gBoU9m6rYYgLrRx/90tQUdZlG6ZHcRVesHHzNRTyN71jyNXwk1o0X9g96F33xR7A
+5c8fhiSpPAdmzcHSNmNZ
+-----END CERTIFICATE-----
+
+// Subject: CN=Digisign Server ID - (Enrich),
+//          OU=457608-K,
+//          O=Digicert Sdn. Bhd.,
+//          C=MY
+// Issuer:  CN=Entrust.net Certification Authority (2048)
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),
+//          O=Entrust.net
+// Serial:  1184644297 (4c:0e:63:6a)
+-----BEGIN CERTIFICATE-----
+MIIEzjCCA7agAwIBAgIETA5jajANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
+RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
+bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
+IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMDA3MTYxNzIzMzdaFw0xNTA3
+MTYxNzUzMzdaMGUxCzAJBgNVBAYTAk1ZMRswGQYDVQQKExJEaWdpY2VydCBTZG4u
+IEJoZC4xETAPBgNVBAsTCDQ1NzYwOC1LMSYwJAYDVQQDEx1EaWdpc2lnbiBTZXJ2
+ZXIgSUQgLSAoRW5yaWNoKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AMWJ5PQNBkCSWccaszXRDkwqM/n4r8qef+65p21g9FTob9Wb8xtjMQRoctE0Foy0
+FyyX3nPF2JAVoBor9cuzSIZE8B2ITM5BQhrv9Qze/kDaOSD3BlU6ap1GwdJvpbLI
+Vz4po5zg6YV3ZuiYpyR+vsBZIOVEb7ZX2L7OwmV3WMZhQdF0BMh/SULFcqlyFu6M
+3RJdtErU0a9Qt9iqdXZorT5dqjBtYairEFs+E78z4K9EnTgiW+9ML6ZxJhUmyiiM
+2fqOjqmiFDXimySItPR/hZ2DTwehthSQNsQ0HI0mYW0Tb3i+6I8nx0uElqOGaAwj
+vgvsjJQAqQSKE5D334VsDLECAwEAAaOCATQwggEwMA4GA1UdDwEB/wQEAwIBBjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcD
+AgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v
+b2NzcC5lbnRydXN0Lm5ldDBEBgNVHSAEPTA7MDkGBWCDSgEBMDAwLgYIKwYBBQUH
+AgEWImh0dHA6Ly93d3cuZGlnaWNlcnQuY29tLm15L2Nwcy5odG0wMgYDVR0fBCsw
+KTAnoCWgI4YhaHR0cDovL2NybC5lbnRydXN0Lm5ldC8yMDQ4Y2EuY3JsMBEGA1Ud
+DgQKBAhMTswlKAMpgTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDAN
+BgkqhkiG9w0BAQUFAAOCAQEAl0zvSjpJrHL8MCBrtClbp8WVBJD5MtXChWreA6E3
++YkAsFqsVX7bQzX/yQH4Ub7MJsrIaqTEVD4mHucMo82XZ5TdpkLrXM2POXlrM3kh
+Bnn6gkQVmczBtznTRmJ8snDrb84gqj4Zt+l0gpy0pUtNYQA35IfS8hQ6ZHy4qXth
+4JMi59WfPkfmNnagU9gAAzoPtTP+lsrT0oI6Lt3XSOHkp2nMHOmZSufKcEXXCwcO
+mnUb0C+Sb/akB8O9HEumhLZ9qJqp0qcp8QtXaR6XVybsK0Os1EWDBQDp4/BGQAf6
+6rFRc5Mcpd1TETfIKqcVJx20qsx/qjEw/LhFn0gJ7RDixQ==
+-----END CERTIFICATE-----
+
+// Subject: CN=Java Media APIs,
+//          OU=Java Signed Extensions,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  6a:8b:99:91:37:59:4f:89:53:e2:97:18:9f:19:1e:4e
+-----BEGIN CERTIFICATE-----
+MIIFdzCCBF+gAwIBAgIQaouZkTdZT4lT4pcYnxkeTjANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDUxMjAw
+MDAwMFoXDTEyMDUxMTIzNTk1OVowfTEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
+cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
+CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEYMBYGA1UEAxQPSmF2YSBNZWRpYSBB
+UElzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5blzoKTVE8y4Hpz
+q6E15RZz1bF5HnYEyYqgHkZXnAKedmYCoMzm1XK8s+gQWShLEvGEAvs5yqarx9gE
+nnC21N28aEZgIJMa2/arKxCUkS4pxdGPYGexL9UzSRkUpoBShCZKEGdmX7gfJE2K
+/sd9MFvGV5/yZtWXrADzvm0Kd/9mg1KRv1gfrZIq0TJbupoXPYYqb73AkI9eT2ZD
+q9MdwD4E5+oojsDFXt8GU/D00fUhtXpYwuplU7D667WHYdJhIah0ST6JywyqcLXG
+XSuFTXOgITT2idSHluZVmx3dqJ72u9kPkO4JdJTMDfaK8zgNLaRkiU8Qcj+qhLYH
+ytaqcwIDAQABo4IB6jCCAeYwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwfwYD
+VR0fBHgwdjB0oHKgcIZuaHR0cDovL29uc2l0ZWNybC52ZXJpc2lnbi5jb20vU3Vu
+TWljcm9zeXN0ZW1zSW5jQ29ycG9yYXRlT2JqZWN0U2lnbmluZ0phdmFTaWduZWRF
+eHRlbnNpb25zQ2xhc3NCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAUs0crgn5T
+tHPKuLsZt76BTQeVx+0wHQYDVR0OBBYEFKS32mVx0gNWTeS4ProHEaeSpvvIMDsG
+CCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29uc2l0ZS1vY3NwLnZl
+cmlzaWduLmNvbTCBtQYDVR0gBIGtMIGqMDkGC2CGSAGG+EUBBxcCMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwbQYLYIZIAYb3AIN9
+nD8wXjAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cuc3VuLmNvbS9wa2kvY3BzMDMG
+CCsGAQUFBwICMCcaJVZhbGlkYXRlZCBGb3IgU3VuIEJ1c2luZXNzIE9wZXJhdGlv
+bnMwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAAe6BO4W
+3TSNWfezyelJs6kE3HfulT6Bdyz4UUoh9ykXcV8nRwT+kh25I5MdyG2GfkJoADPR
+VhC5DYo13UFpIsTNVjq+hGYe2hML93bN7ad9SxCCyjHUo3yMz2qgBbHZI3VA9ZHA
+aWM4Tx0saMwbcnVvlbuGh+PXvStfypJqYT6lzcdFfjNVX4FI/QQNGhBswMY51tC8
+GTBCL2qhJon0gSCU4zaawDOf7+XxJWirLamYL1Aal1/h2z2sFrvA/1ftxtU3kZ6I
+7De8DyoHeZg7pYGdrj7g+lPhCga/WvEhN152I+aP08YbFcJHYmK05ngl/Ye4c6Bd
+cdrdfbw6QzEUIYY=
+-----END CERTIFICATE-----
+
+// Subject: CN=JavaFX 1.0 Runtime,
+//          OU=Java Signed Extensions,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  55:c0:e6:44:59:59:79:9e:d9:26:f1:b0:4a:1e:f0:27
+-----BEGIN CERTIFICATE-----
+MIIFezCCBGOgAwIBAgIQVcDmRFlZeZ7ZJvGwSh7wJzANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA4MTAwOTAw
+MDAwMFoXDTExMTAwOTIzNTk1OVowgYAxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
+bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxHzAdBgNV
+BAsUFkphdmEgU2lnbmVkIEV4dGVuc2lvbnMxGzAZBgNVBAMUEkphdmFGWCAxLjAg
+UnVudGltZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+WDc6+bu+4
+tmAcS/lBtUc02WOt9QZpVsXg9cG2pu/8bUtmDELa8iiYBVFpIs8DU58HLrGQtCUY
+SIAGOVPsOJoN29UKCDWfY9j5JeVhfhMGqk9DwrWhzgsjy4cpZ1pIp+k/fJ8zT8Ul
+aYLpow1vg3UNddsmwz02tN7cOrMw9WYIG4CRYnY1OrtJSfe2pYzheC4zyvR+aiVl
+nang2OtqikSQsNFOFHsLOJFxngy9LrO8evDSu25VTKI6zlWU6/bMeqtztJPN0VOn
+NyUrJZvkxZ207Jg0T693BGSxNC1n+ihztXogql8950M/pEuUbDjylv5FFvlp6DSB
+dDT2MkutmyMCAwEAAaOCAeowggHmMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgeA
+MH8GA1UdHwR4MHYwdKByoHCGbmh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29t
+L1N1bk1pY3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdKYXZhU2ln
+bmVkRXh0ZW5zaW9uc0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaAFLNH
+K4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBTjgufVi3XJ3gx1ewsA6Rr7BR4Z
+zjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUtb2Nz
+cC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAqMCgG
+CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CGSAGG
+9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtpL2Nw
+czAzBggrBgEFBQcCAjAnGiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBPcGVy
+YXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IBAQAB
+YVJTTVe7rzyTO4jc3zajErOT/COkdQTfNo0eIX1QbNynFieJvwY/jRzUZwjktIFR
+2p4JtbpHGAtKtjOAOTieQ8xdDOoC1djzpE7/AbMvuvlTavtUKT+F7tPdhfXgWXJV
+6Wbt8jryKyk3zZGiEhauIwZUkfjRkEtffEmZWLUd8c8rURJjfC/XHH2oyurscoxc
+CjX29c9ynxSiS/VvQp1an0HvErGh69N48wj7cj8mtZ1yHzd2XCzSSR1OfTPfk0Pt
+yg51p7yJaFiH21PTZegEL6zyVNOYBTKwwIi2OzpwYalD3uvK6e3OKDrfFCOxu17u
+4PveESbrdyrmvLe7IVez
+-----END CERTIFICATE-----
+
+// Subject: CN=JavaFX Runtime,
+//          OU=Java Signed Extensions,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  47:f4:55:f1:da:4a:5e:f9:e3:f7:a8:03:62:17:c0:ff
+-----BEGIN CERTIFICATE-----
+MIIFdjCCBF6gAwIBAgIQR/RV8dpKXvnj96gDYhfA/zANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDEyOTAw
+MDAwMFoXDTEyMDEyOTIzNTk1OVowfDEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
+cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
+CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEXMBUGA1UEAxQOSmF2YUZYIFJ1bnRp
+bWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIzd0fAk8mI9ONc6RJ
+aGieioK2FLdXEwj8zL3vdGDVmBwyR1zwYkaOIFFgF9IW/8qc4iAYA5sGUY+0g8q3
+5DuYAxfTzBB5KdaYvbuq6GGnoHIWmTirXY+1friFp8lyXSvtuEaGB1VHaBoZchEg
+k+UgeVDA43dHwcT1Ov3DePczJRUes8T/QHzLX+BxUDG43vjyncCEO/AjqLZxXEz2
+xrNbKLcH3lGMJK7hdbfssUfF5BjC38Hn71HauYlA43b2no+2y0Sjulwzez2YPbDC
+0GLR3TnKtA8dqOrnl5t3DniDbfOBNtBE3VOydJO0XW57Ng1HRXD023nm9ECPY2xp
+0N/pAgMBAAGjggHqMIIB5jAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDB/BgNV
+HR8EeDB2MHSgcqBwhm5odHRwOi8vb25zaXRlY3JsLnZlcmlzaWduLmNvbS9TdW5N
+aWNyb3N5c3RlbXNJbmNDb3Jwb3JhdGVPYmplY3RTaWduaW5nSmF2YVNpZ25lZEV4
+dGVuc2lvbnNDbGFzc0IvTGF0ZXN0Q1JMLmNybDAfBgNVHSMEGDAWgBSzRyuCflO0
+c8q4uxm3voFNB5XH7TAdBgNVHQ4EFgQUvOdd0cKPj+Yik/iOBwTdphh5A+gwOwYI
+KwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb25zaXRlLW9jc3AudmVy
+aXNpZ24uY29tMIG1BgNVHSAEga0wgaowOQYLYIZIAYb4RQEHFwIwKjAoBggrBgEF
+BQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTBtBgtghkgBhvcAg32c
+PzBeMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5zdW4uY29tL3BraS9jcHMwMwYI
+KwYBBQUHAgIwJxolVmFsaWRhdGVkIEZvciBTdW4gQnVzaW5lc3MgT3BlcmF0aW9u
+czATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQUFAAOCAQEAbGcf2NjL
+AI93HG6ny2BbepaZA1a8xa/R6uUc7xV+Qw6MgLwFD4Q4i6LWUztQDvg9l68MM2/i
+Y9LEi1KM4lcNbK5+D+t9x98wXBiuojXhVdp5ZmC03EyEBbriopdBsmXVLDSu/Y3+
+zowOO5xwpMK3dbgsSDs2Vt0UosD3FTcRaD3GNfOhXMp+o1grHNiXF9YgkmdQbPPZ
+DQ2KBhFPCRJXBGvyKOqno/DTg0sQ3crGH/C4/4t7mnQXWldZotmJUZ0ONc9oD+Q1
+JAaguUKqIwn9yZ093ie+JWHbYNid9IIIPXYgtRxmf9a376WBhqhu56uJftBJ7x9g
+eQ7Lot6CSWCiFw==
+-----END CERTIFICATE-----
+
+// Subject: CN=Solaris INTERNAL DEVELOPMENT USE ONLY,
+//          OU=Solaris Cryptographic Framework,
+//          OU=Corporate Object Signing,
+//          O=Sun Microsystems Inc
+// Issuer:  CN=Object Signing CA,
+//          OU=Class 2 OnSite Subscriber CA,
+//          OU=VeriSign Trust Network,
+//          O=Sun Microsystems Inc
+// Serial:  77:29:77:52:6a:19:7b:9a:a6:a2:c7:99:a0:e1:cd:8c
+-----BEGIN CERTIFICATE-----
+MIIFHjCCBAagAwIBAgIQdyl3UmoZe5qmoseZoOHNjDANBgkqhkiG9w0BAQUFADCB
+gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
+aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
+cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA3MDEwNDAw
+MDAwMFoXDTEwMDEwMzIzNTk1OVowgZwxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
+bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxKDAmBgNV
+BAsUH1NvbGFyaXMgQ3J5cHRvZ3JhcGhpYyBGcmFtZXdvcmsxLjAsBgNVBAMUJVNv
+bGFyaXMgSU5URVJOQUwgREVWRUxPUE1FTlQgVVNFIE9OTFkwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBALbNU4hf3mD5ArDI9pjgioAyvV3bjMPRQdCZniIeGJBp
+odFlSEH+Mh64W1DsY8coeZ7FvvGJkx9IpTMJW9k8w1oJK9UNqHyAQfaYjQyXi3xQ
+LJp62EvYdGfDlwOZejEcR/MbzZG+GOPMMvQj5+xyFDvLXNGfQNTnxw2qnBgCJXjj
+AgMBAAGjggH1MIIB8TAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDCBiQYDVR0f
+BIGBMH8wfaB7oHmGd2h0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1N1bk1p
+Y3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdTb2xhcmlzQ3J5cHRv
+Z3JhcGhpY0ZyYW1ld29ya0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaA
+FLNHK4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBRpfiGYkehTnsIzuN2H6AFb
+VCZG8jA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUt
+b2NzcC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAq
+MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CG
+SAGG9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtp
+L2NwczAzBggrBgEFBQcCAjAnFiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBP
+cGVyYXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IB
+AQCG5soy3LFHTFbA8/5SzDRhQoJkHUnOP0t3b6nvX6vZYRp649fje7TQOPRm1pFd
+CZ17J+tggdZwgzTqY4aYpJ00jZaK6pV37q/vgFC/ia6jDs8Q+ly9cEcadBZ5loYg
+cmxp9p57W2MNWx8VA8oFdNtKfF0jUNXbLNtvwGHmgR6YcwLrGN1b6/9Lt9bO3ODl
+FO+ZDwkfQz5ClUVrTx2dGBvKRYFqSG5S8JAfsgYhPvcacUQkA7ExyKvfRXLWVrce
+ZiPpcElbx+819H2sAPvVvparVeAruZGMAtejHZp9NFoowKen5drJp9VxePS4eM49
+3DepB6lKRrNRw66LNQol4ZBz
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl, CN=DigiNotar Cyber CA,
+//          O=DigiNotar, C=NL
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120000525 (07:27:10:0D)
+-----BEGIN CERTIFICATE-----
+MIIFWjCCBMOgAwIBAgIEBycQDTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MTAwNDEwNTQxMVoXDTExMTAwNDEwNTMxMVowYDELMAkG
+A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
+IEN5YmVyIENBMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P8
+9DS5+SxD52ATPXrjss87Z2yQrcC5P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXy
+XUte0dmHutZ9fPXOMp8QM8WxSrtekTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCI
+A6U/i5kTYUO1m4Kz7iBvz6FEouova0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpc
+SQhdvd5wQbEPyWNr0380dAIvNFp4dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtB
+pcmM5r3qSLYFFgizNxJa92E89zhvLpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2V
+VgIKgmCyc0XgMyZRdJq51FAc9k1bW1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJ
+NEH3gW8/nsl8dVWw58Gzd+jDxAA1lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6
+uc8kpmp/3mQiRFhogmoQ+T3lPhu5vfwi9GAEibtVbShV+t6OjRshFNc3izR7Tfay
+shDPM7F9HGKZSMsrbHaWVb8ZDR0fu2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0
+fc1zvrPtTsHR7VJej/e4142HrbLZG1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kU
+xbHuWUOV36toKDA/AgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMG
+A1UdIARMMEowSAYJKwYBBAGxPgEAMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cu
+cHVibGljLXRydXN0LmNvbS9DUFMvT21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMC
+AQYwgaAGA1UdIwSBmDCBlYAUpgwdn2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJ
+BgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdU
+RSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVy
+VHJ1c3QgR2xvYmFsIFJvb3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93
+d3cucHVibGljLXRydXN0LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYD
+VR0OBBYEFKv5aN/PSjfXe0WMX3LeQETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9o
+a6VbB7pEZg4cqFwwezPkCiYE/O+eGjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4
+BJ98UAHV42mv7xXSRZskCSpmBU8lgcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE
+9r1TgSOWPbT6MopTZkQloiXGpjwljPDgKAYityZB
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120000505 (07:27:0F:F9)
+-----BEGIN CERTIFICATE-----
+MIIFODCCBKGgAwIBAgIEBycP+TANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MDkyMDA5NDUzMloXDTEzMDkyMDA5NDQwNlowPjELMAkG
+A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
+IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
+XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
+tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
+24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
+naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
+9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
+LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
+Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
+vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
+3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
+eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
+iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
+/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
+ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
+MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
+jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
+bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
+VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
+oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
+MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
+hvcNAQEFBQADgYEACcpiD427SuDUejUrBi3RKGG2rAH7g0m8rtQvLYauGYOl1h0T
+4he+/jJ06XoUOMqUXvcpAWlxG5Ea/aO7qh3Ke+IW/aGjDvMMX7LhIDGUK16Sdu36
+6bUjpr8KOwOpb1JgVM1f6bcvfKIn/UGDdbYN+3gm87FF6TKVKho1IZXFonU=
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
+// Issuer:  CN=GTE CyberTrust Global Root,
+//          OU=GTE CyberTrust Solutions, Inc.,
+//          O=GTE Corporation,
+//          C=US
+// Serial:  120000515 (07:27:10:03)
+-----BEGIN CERTIFICATE-----
+MIIFODCCBKGgAwIBAgIEBycQAzANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MDkyNzEwNTMzMloXDTExMDkyNzEwNTIzMFowPjELMAkG
+A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
+IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
+XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
+tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
+24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
+naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
+9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
+LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
+Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
+vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
+3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
+eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
+iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
+/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
+ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
+MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
+jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
+bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
+VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
+oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
+MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
+hvcNAQEFBQADgYEAWcyGZhizJlRP1jjNupZey+yZG6oMDW4Z11boriMHbYPCndBE
+bVh07zmPbZsihOw9w/vm5KbVX5CgxUv4Rhzh/20Faixf3P3bpWg0qgzHVVusNVR/
+P50aKkpdK3hp+QLl56e+lWOddSAINIpmcuyDI1hyuzB+GJEASm9tNU/6rs8=
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl,
+//          CN=DigiNotar Root CA,
+//          O=DigiNotar, C=NL
+// Issuer:  CN=Entrust.net Secure Server Certification Authority
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
+//          O=Entrust.net,
+//          C=US,
+// Serial:  1184644297 (46:9C:3C:C9)
+-----BEGIN CERTIFICATE-----
+MIIFSDCCBLGgAwIBAgIERpw8yTANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA0
+MjYwNTAwMDBaFw0xMzA4MTQyMDEyMzZaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
+EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
+hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
+OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
+hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
+gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
+IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
+BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
+Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
+5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
+DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
+9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
+7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
+ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
+BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
+BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
+VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
+bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
+A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
+BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAI979rBep8tu3TeLunapgsZ0jtXp
+GDFjKWSk87dj1jCyYi+q/GyDyZ6ZQZNRP0sF+6twscq05lClWNy3TROMp7QeuoLO
+G7Utw3OJaswUtp4YglANMRTHEe3g9ltifUXRH5tSuy7u6yi4LD4WTm5ULP6r/g6l
+0CnjXYb0+b1Fmz6U
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl,
+//          CN=DigiNotar Root CA,
+//          O=DigiNotar, C=NL
+// Issuer:  CN=Entrust.net Secure Server Certification Authority
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
+//          O=Entrust.net,
+//          C=US,
+// Serial:  1184640175 (46:9C:2C:AF)
+-----BEGIN CERTIFICATE-----
+MIIFSDCCBLGgAwIBAgIERpwsrzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
+MjYxNTU3MzlaFw0xMzA4MjYxNjI3MzlaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
+EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
+hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
+OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
+hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
+gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
+IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
+BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
+Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
+5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
+DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
+9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
+7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
+ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
+BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
+BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
+VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
+bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
+A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
+BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAEa6RcDNcEIGUlkDJUY/pWTds4zh
+xbVkp3wSmpwPFhx5fxTyF4HD2L60jl3aqjTB7gPpsL2Pk5QZlNsi3t4UkCV70UOd
+ueJRN3o/LOtk4+bjXY2lC0qTHbN80VMLqPjmaf9ghSA9hwhskdtMgRsgfd90q5QP
+ZFdYf+hthc3m6IcJ
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,
+//          O=DigiNotar B.V.,
+//          C=NL
+// Issuer:  CN=Staat der Nederlanden Organisatie CA - G2,
+//          O=Staat der Nederlanden,
+//          C=NL
+// Serial:  20001983 (01:31:34:bf)
+-----BEGIN CERTIFICATE-----
+MIIGnDCCBISgAwIBAgIEATE0vzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTIwMAYDVQQDDClTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xMDA1MTIw
+ODUxMzhaFw0yMDAzMjMwOTUwMDRaMFoxCzAJBgNVBAYTAk5MMRcwFQYDVQQKDA5E
+aWdpTm90YXIgQi5WLjEyMDAGA1UEAwwpRGlnaU5vdGFyIFBLSW92ZXJoZWlkIENB
+IE9yZ2FuaXNhdGllIC0gRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQCxExkPJ+Zs1FWGS9DsiYpFkXisR71HK+T8RetPtCZzWzfTw3/2497Xo/gtaMUI
+PkuU1uSHJTZrhLUYdPMoWHMvm2rPvAQe9t7dr/xLqvXbZmIlASWC3vKXWhBu3V2p
+IrEEqSNzOvhxrR3PhETrR9Gvbch8KKvH8jd6dF9fxQIUiqNa4xtsAeNdjtlo1vQJ
+GzLckbUs9SDrjANtJkm4k8SFXdjSm69WaswFM8ygQp40VUSca6DUEtArVM23iQ3l
+9uvo+4UBM096a/GdcjOWDveyhKWlJ8Qn8VFzKXe6Z27+TNy04qGhgS85SY1DOBPO
+0KVcwoc6AGdlQiPxNlkKHaNRyLyjlCox3+M88p0aPASw77EKMBNzttfzo0wBdRSF
+eMDXijlYhVD6LubFvs+LP6+PNtQlCS3SD6xyk/K/i9RQs/kVUJuZ9RTZ+4uRozIm
+JqD43ztggYaDeVsr6xM9KTrBbd29no6H1kquNJcF7hSm9tw4fkrpJFQHPZdoN0Zr
+DceoIa8TVOQJavFNRgrJXfubT73e+7dUy7g4nKc5+2otwHuNq6WnV+xKkoozxeEg
+XHPYkJIrgNUPhhhpfDlPhIa890xb89W0yqDC8DciynlSH1PmqvOQsDvd8ij9rOvF
+BiSgydQvD1j9tZ7sD8+yWdCiBHo4aq5y+73wJWKUCacFCwIDAQABo4IBYTCCAV0w
+SAYDVR0gBEEwPzA9BgRVHSAAMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZGln
+aW5vdGFyLm5sL2Nwcy9wa2lvdmVyaGVpZDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjCBhQYDVR0jBH4wfIAUORCLSZJc22ESIM1JnRqO2pxnQLmhXqRc
+MFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4x
+KzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzKCBACY
+lvQwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9E
+b21PcmdhbmlzYXRpZUxhdGVzdENSTC1HMi5jcmwwHQYDVR0OBBYEFLxdlDvZq3sD
+JXNhwtst7vyrj2WhMA0GCSqGSIb3DQEBCwUAA4ICAQCP/C1Mt9kt1R+978v0t2gX
+dZ1O1ffdnPEqJu2forYcA9VTs+wIzzTi48P0tRYvyMO+19NzqwA2+RpKftZj6V5G
+uqW2jhW3oyrYQx3vXcgfgYWzi/f/PPTZ9EYIP5y8HaDZqEzNJVJOCrEg9x/pQ9lU
+RoETmsBedGwqmDLq/He7DaWiMZgifnx859qkrey3LhoZcfhIUNpDjyyE3cFAJ+O1
+8BVOltT4XOOGKUYr1zsH6zh/yIZXl9PvKjPEF1DVZGlrK2tFXl0vF8paTs/D1zk8
+9TufRrmb5w5Jl53W1eMbD+qPAU6aE5RZCgIHSEsaYKt/T+0L2FUNaG9VnGllFULs
+wNzdbKzDFs4LHVabpMTE0i7gD+JEJytQaaTcYuiKISlCbMwAOpZ2m+9AwKRed4Qy
+bCYqOWauXeO5ubIsaB8empADOfCqs6TMSYsYNOk3yXspx4R8b0QVL+xhWQTJRcui
+1lKifH8pktZKxYtCqNT+6tjHhyMY5J16fXNAUpigrm7jBT8FD+Clxm1N7YM3iJzH
+89xCmmq21yFJNnfy7xhPxXDZnunetyuL9Lx+KN8NQMmFXK6dxTH/0FwOtah+8Okv
+uq+IruW10Vilr5xxpykBkINpN4IFuvwJwQhujHg7wzMCgD9EhQgd31VWCK0shS1d
+sQPhrqp0xaTzTro3mHuCuQ==
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,
+//          O=DigiNotar B.V.,
+//          C=NL
+// Issuer:  CN=Staat der Nederlanden Overheid CA
+//          O=Staat der Nederlanden,
+//          C=NL
+// Serial:  20015536 (01:31:69:b0)
+-----BEGIN CERTIFICATE-----
+MIIEiDCCA3CgAwIBAgIEATFpsDANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
+TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDcwNzA1MDg0MjA3WhcN
+MTUwNzI3MDgzOTQ2WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
+IEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
+ZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc
+vdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6HVcg+uwQ5
+AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalkLU3DL7nn
+UNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rmMgeUVAVT
+Q+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ/aB2jKx+
+ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC36esgl3H
+aLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0GBFUdIAAw
+NTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3BzL3BraW92
+ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGABgNVHSME
+eTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMCTkwxHjAc
+BgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3RhYXQgZGVy
+IE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCgLoYsaHR0
+cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmwwHQYDVR0O
+BBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IBAQAMlIca
+v03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+mriXiRWsi
+D7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X5HNhIxMm
+cUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZhzizDXMU
+5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro5Ij76eUv
+BjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkegllYOQJBR
+RKwa/fHuhR/3Qlpl
+-----END CERTIFICATE-----
+
+// Subject: CN=DigiNotar PKIoverheid CA Overheid
+//          O=DigiNotar B.V.,
+//          C=NL
+// Issuer:  CN=Staat der Nederlanden Overheid CA
+//          O=Staat der Nederlanden,
+//          C=NL
+// Serial:  20006006 (01:31:44:76)
+-----BEGIN CERTIFICATE-----
+MIIEezCCA2OgAwIBAgIEATFEdjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
+TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDQwNjI0MDgxOTMyWhcN
+MTAwNjIzMDgxNzM2WjBSMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
+IEIuVi4xKjAoBgNVBAMTIURpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
+ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSlrubta5tlOjVCi/gb
+yLCvRqfBjxG8H594VcKHu0WAYc99SPZF9cycj5mw2GyfQvy/WIrGrL4iyNq1gSqR
+0QA/mTXKZIaPqzpDhdm+VvrKkmjrbZfaQxgMSs3ChtBsjcP9Lc0X1zXZ4Q8nBe3k
+BTp+zehINfmbjoEgXLxsMR5RQ6GxzKjuC04PQpbJQgTIakglKaqYcDDZbEscWgPV
+Hgj/2aoHlj6leW/ThHZ+O41jUguEmBLZA3mu3HrCfrHntb5dPt0ihzSx7GtD/SaX
+5HBLxnP189YuqMk5iRA95CtiSdKauvon/xRKRLNgG6XAz0ctSoY7xLDdiBVU5kJd
+FScCAwEAAaOCAVAwggFMMEgGA1UdIARBMD8wPQYEVR0gADA1MDMGCCsGAQUFBwIB
+FidodHRwOi8vd3d3LmRpZ2lub3Rhci5ubC9jcHMvcGtpb3ZlcmhlaWQwDwYDVR0T
+AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgYAGA1UdIwR5MHeAFAuG1g93o2ix
++2QJw4huXAQcV+k9oVmkVzBVMQswCQYDVQQGEwJOTDEeMBwGA1UEChMVU3RhYXQg
+ZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g
+Um9vdCBDQYIEAJiaeTA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnBraW92
+ZXJoZWlkLm5sL0RvbU92TGF0ZXN0Q1JMLmNybDAdBgNVHQ4EFgQUvRaYQh2+kdE9
+wpcl4CjXWOC1f+IwDQYJKoZIhvcNAQEFBQADggEBAGhQsCWLiaN2EOhPAW+JQP6o
+XBOrLv5w6joahzBFVn1BiefzmlMKjibqKYxURRvMAsMkh82/MfL8V0w6ugxl81lu
+i42dcxl9cKSVXKMw4bbBzJ2VQI5HTIABwefeNuy/eX6idVwYdt3ajAH7fUA8Q9Cq
+vr6H8B+8mwoEqTVTEVlCSsC/EXsokYEUr06PPzRudKjDmijgj7zFaIioZNc8hk7g
+ufEgrs/tmcNGylrwRHgCXjCRBt2NHlZ08l7A1AGU8HcHlSbG9Un/2q9kVHUkps0D
+gtUaEK+x6jpAu/R8Ojezu/+ZEcwwjI/KOhG+84+ejFmtyEkrUdsAdEdLf/2dKsw=
+-----END CERTIFICATE-----
+
+// Subject: EMAILADDRESS=info@diginotar.nl,
+//          CN=DigiNotar Services 1024 CA
+//          O=DigiNotar, C=NL
+// Issuer:  CN=Entrust.net Secure Server Certification Authority,
+//          OU=(c) 1999 Entrust.net Limited,
+//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
+//          O=Entrust.net,
+//          C=US
+// Serial:  1184640176 (46:9c:2c:b0)
+-----BEGIN CERTIFICATE-----
+MIIDzTCCAzagAwIBAgIERpwssDANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
+ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
+ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
+MjYxNTU5MDBaFw0xMzA4MjYxNjI5MDBaMGgxCzAJBgNVBAYTAk5MMRIwEAYDVQQK
+EwlEaWdpTm90YXIxIzAhBgNVBAMTGkRpZ2lOb3RhciBTZXJ2aWNlcyAxMDI0IENB
+MSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA2ptNXTz50eKLxsYIIMXZHkjsZlhneWIrQWP0iY1o2q+4
+lDaLGSSkoJPSmQ+yrS01Tc0vauH5mxkrvAQafi09UmTN8T5nD4ku6PJPrqYIoYX+
+oakJ5sarPkP8r3oDkdqmOaZh7phPGKjTs69mgumfvN1y+QYEvRLZGCTnq5NTi1kC
+AwEAAaOCASYwggEiMBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYB
+BQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwMwYI
+KwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l
+dDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L3NlcnZl
+cjEuY3JsMB0GA1UdDgQWBBT+3JRJDG/vXH/G8RKZTxZJrfuCZTALBgNVHQ8EBAMC
+AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowGQYJKoZIhvZ9B0EA
+BAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQADgYEAY3RqN6k/lpxmyFisCcnv
+9WWUf6MCxDgxvV0jh+zUVrLJsm7kBQb87PX6iHBZ1O7m3bV6oKNgLwIMq94SXa/w
+NUuqikeRGvWFLELHHe+VQ7NeuJWTpdrFKKqtci0xrZlrbP+MISevrZqRK8fdWMNu
+B8WfedLHjFW/TMcnXlEWKz4=
+-----END CERTIFICATE-----
+
+// Subject: CN=Buster Paper Comercial Ltda,
+//          O=Buster Paper Comercial Ltda,
+//          L=S?o Jos? Dos Campos,
+//          ST=S?o Paulo,
+//          C=BR
+// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
+//          OU=www.digicert.com,
+//          O=DigiCert Inc,
+//          C=US
+// Serial:  07:b4:4c:db:ff:fb:78:de:05:f4:26:16:72:a6:73:12
+-----BEGIN CERTIFICATE-----
+MIIGwzCCBaugAwIBAgIQB7RM2//7eN4F9CYWcqZzEjANBgkqhkiG9w0BAQUFADBv
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
+ZGUgU2lnbmluZyBDQS0xMB4XDTEzMDExNzAwMDAwMFoXDTE0MDEyMjEyMDAwMFow
+gY4xCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMR4wHAYDVQQHDBVT
+w6NvIEpvc8OpIERvcyBDYW1wb3MxJDAiBgNVBAoTG0J1c3RlciBQYXBlciBDb21l
+cmNpYWwgTHRkYTEkMCIGA1UEAxMbQnVzdGVyIFBhcGVyIENvbWVyY2lhbCBMdGRh
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0l6jWIpEfO2oUpVHpL
+HETj5lzivNb0S9jKHgGJax917czh81PnGTxwxFXd6gLJuy/XFHvmiSi8g8jzlymn
+2Ji5zQ3CPaz7nomJokSUDlMVJ2qYWtctw4jrdjuI4qtn+koXXUFkWjkf8h8251I4
+tUs7S49HE2Go5owCYP3byajj7fsFAYR/Xb7TdVtndkZsUB/YgOjHovyACjouaNCi
+mDiRyQ6zLLjZGiyeD65Yiseuhp5b8/BL5h1p7w76QYMYMVQNAdtDKut2R8MBpuWf
+Ny7Eoi0x/gm1p9X5Rcl5aN7K0G4UtTAJKbkuUfXddsyFoM0Nx8uo8SgNQ8Y/X5Jx
+BwIDAQABo4IDOTCCAzUwHwYDVR0jBBgwFoAUe2jOKarAF75JeuHlP9an90WPNTIw
+HQYDVR0OBBYEFFLZ3n5nt/Eer7n1bvtOqMb1qKO5MA4GA1UdDwEB/wQEAwIHgDAT
+BgNVHSUEDDAKBggrBgEFBQcDAzBzBgNVHR8EbDBqMDOgMaAvhi1odHRwOi8vY3Js
+My5kaWdpY2VydC5jb20vYXNzdXJlZC1jcy0yMDExYS5jcmwwM6AxoC+GLWh0dHA6
+Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9hc3N1cmVkLWNzLTIwMTFhLmNybDCCAcQGA1Ud
+IASCAbswggG3MIIBswYJYIZIAYb9bAMBMIIBpDA6BggrBgEFBQcCARYuaHR0cDov
+L3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsG
+AQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABD
+AGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABh
+AGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQBy
+AHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBn
+ACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABs
+AGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABp
+AG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBl
+AGYAZQByAGUAbgBjAGUALjCBggYIKwYBBQUHAQEEdjB0MCQGCCsGAQUFBzABhhho
+dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTAYIKwYBBQUHMAKGQGh0dHA6Ly9jYWNl
+cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRENvZGVTaWduaW5nQ0Et
+MS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPTTQvpOIikXI
+hTLnNbajaFRR5GhQpTzUNgBfF9VYSlNw/wMjpGsrh5RxaJCip52jbehmTgjMRhft
+jRYyml44PAVsCcR9uEoDpCZYpI1fHI1R+F8jd1C9rqprbSwwOG4xlg4SmvTHYs6e
+gBItQ/1p9XY+Sf4Wv1qOuOFL1qvV/5VyR2zdlOQCmKCeMgxt6a/tHLBDiAA67D44
+/vfdoNJl0CU2It0PO60jdCPFNWIRcxL+OSDqAoePeUC7xQ+JsTEIxuUE8+d6w6fc
+BV2mYb1flh22t46GLjh4gyo7xw3aL6L0L0jzlTT6IcEw6NIbaPbIKj/npQnHobYj
+XMuKLxbh7g==
+-----END CERTIFICATE-----
+
+// Subject: CN=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
+//          O=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
+//          L=S?o Paulo,
+//          ST=S?o Paulo,
+//          C=BR
+// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
+//          OU=www.digicert.com,
+//          O=DigiCert Inc,
+//          C=US
+// Serial:  0a:38:9b:95:ee:73:6d:d1:3b:c0:ed:74:3f:d7:4d:2f
+-----BEGIN CERTIFICATE-----
+MIIG4DCCBcigAwIBAgIQCjible5zbdE7wO10P9dNLzANBgkqhkiG9w0BAQUFADBv
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
+ZGUgU2lnbmluZyBDQS0xMB4XDTEyMTEwOTAwMDAwMFoXDTEzMTExNDEyMDAwMFow
+gasxCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMRMwEQYDVQQHDApT
+w6NvIFBhdWxvMTgwNgYDVQQKEy9CVVNURVIgQVNTSVNURU5DSUEgVEVDTklDQSBF
+TEVUUk9OSUNBIExUREEgLSBNRTE4MDYGA1UEAxMvQlVTVEVSIEFTU0lTVEVOQ0lB
+IFRFQ05JQ0EgRUxFVFJPTklDQSBMVERBIC0gTUUwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDAqNeEs5/B2CTXGjTOkUIdu6jV6qulOZwdw4sefHWYj1UR
+4z6zPk9kjpUgbnb402RFq88QtfInwddZ/wXn9OxMtDd/3TnC7HrhNS7ga79ZFL2V
+JnmzKHum2Yvh0q82QEJ9tHBR2X9VdKpUIH08Zs3k6cWWM1H0YX0cxA/HohhesQJW
+kwJ3urOIJiH/HeByDk8a1NS8safcCxk5vxvW4WvCg43iT09LeHY5Aa8abKw8lqVb
+0tD5ZSIjdmdj3TT1U37iAHLLRM2DXbxfdbhouUX1c5U1ZHAMA67HwjKiseOiDaHj
+NUGbC37C+cgbc9VVM/cURD8WvS0Kj6fQv7F2QtJDAgMBAAGjggM5MIIDNTAfBgNV
+HSMEGDAWgBR7aM4pqsAXvkl64eU/1qf3RY81MjAdBgNVHQ4EFgQU88EXKAyDsh30
+o9+Gu9a4xUy+FSMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMD
+MHMGA1UdHwRsMGowM6AxoC+GLWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9hc3N1
+cmVkLWNzLTIwMTFhLmNybDAzoDGgL4YtaHR0cDovL2NybDQuZGlnaWNlcnQuY29t
+L2Fzc3VyZWQtY3MtMjAxMWEuY3JsMIIBxAYDVR0gBIIBuzCCAbcwggGzBglghkgB
+hv1sAwEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9z
+c2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4A
+eQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQA
+ZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUA
+IABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAA
+YQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcA
+cgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIA
+aQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQA
+ZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMIGC
+BggrBgEFBQcBAQR2MHQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
+LmNvbTBMBggrBgEFBQcwAoZAaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp
+Z2lDZXJ0QXNzdXJlZElEQ29kZVNpZ25pbmdDQS0xLmNydDAMBgNVHRMBAf8EAjAA
+MA0GCSqGSIb3DQEBBQUAA4IBAQAei1QmiXepje8OIfo/WonD4MIXgpPr2dfRaquQ
+A8q63OpTRSveyqdQDCSPpDRF/nvO1Y30yksZvIH1tNBsW5LBdxAKN3lFdBlqBwtE
+Q3jHc0KVVYRJ0FBaGE/PJHmRajscdAhYIcMPhTga0u0tDK+wOHEq3993dfl6yHjA
+XHU2iW5pnk75ZoE39zALD5eKXT8ZXrET5c3XUFJKWA+XuGmdmyzqo0Au49PanBv9
+UlZnabYfqoMArqMS0tGSX4cGgi9/2E+pHG9BX4sFW+ZDumroOA2pxyMWEKjxePEL
+zCOfhbsRWdMLYepauaNZOIMZXmFwcrIl0TGMkTAtATz+XmZc
+-----END CERTIFICATE-----
+
+// Subject: CN=CLEARESULT CONSULTING INC., OU=Corporate IT,
+//          O=CLEARESULT CONSULTING INC., L=Austin, ST=TX, C=US
+// Issuer:  SERIALNUMBER=07969287,
+//          CN=Go Daddy Secure Certification Authority,
+//          OU=http://certificates.godaddy.com/repository,
+//          O="GoDaddy.com, Inc.",
+//          L=Scottsdale,
+//          ST=Arizona,
+//          C=US
+// Serial:  2b:73:43:2a:a8:4f:44
+-----BEGIN CERTIFICATE-----
+MIIFYjCCBEqgAwIBAgIHK3NDKqhPRDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
+BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
+BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
+aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
+IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
+ODcwHhcNMTIwMjE1MjEwOTA2WhcNMTQwMjE1MjEwOTA2WjCBjDELMAkGA1UEBgwC
+VVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xIzAhBgNVBAoMGkNMRUFS
+RVNVTFQgQ09OU1VMVElORyBJTkMuMRUwEwYDVQQLDAxDb3Jwb3JhdGUgSVQxIzAh
+BgNVBAMMGkNMRUFSRVNVTFQgQ09OU1VMVElORyBJTkMuMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAtIOjCKeAicull+7ZIzt0/4ya3IeXUFlfypqKMLkU
+IbKjn0P5uMj6VE3rlbZr44RCegxvdnR6umBh1c0ZXoN3o+yc0JKcKcLiApmJJ277
+p7IbLwYDhBXRQNoIJm187IOMRPIxsKN4hL91txn9jGBmW+9zKlJlNhR5R7vjwU2E
+jrH/6oqsc9EM2yYpfjlNv6+3jSwAYZCkSWr+27PQOV+YHKmIxtJjX0upFz5FdIrV
+9CCX+L2Kji1THOkSgG4QTbYxmEcHqGViWz8hXLeNXjcbEsPuIiAu3hknxRHfUTE/
+U0Lh0Ug1e3LrJu+WnxM2SmUY4krsZ22c0yWUW9hzWITIjQIDAQABo4IBhzCCAYMw
+DwYDVR0TAQH/BAUwAwEBADATBgNVHSUEDDAKBggrBgEFBQcDAzAOBgNVHQ8BAf8E
+BAMCB4AwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5LmNvbS9n
+ZHM1LTE2LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcCMDkwNwYIKwYBBQUH
+AgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8w
+gYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRk
+eS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku
+Y29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSMEGDAWgBT9
+rGEyk2xF1uLuhV+auud2mWjM5zAdBgNVHQ4EFgQUDtdeKqeN2QkcbEp1HovFieNB
+XiowDQYJKoZIhvcNAQEFBQADggEBAD74Agw5tvi2aBl4/f/s7/VE/BClzDsKMb9K
+v9qpeC45ZA/jelxV11HKbQnVF194gDb7D2H9OsAsRUy8HVKbXEcc/8dKvwOqb+BC
+2i/EmfjLgmCfezNFtLq8xcPxF3zIRc44vPrK0z4YZsaHdH+yTEJ51p5EMdTqaLaP
+4n5m8LX3RfqlQB9dYFe6dUoYZjKm9d/pIRww3VqfOzjl42Edi1w6dWmBVMx1NZuR
+DBabJH1vJ9Gd+KwxMCmBZ6pQPl28JDimhJhI2LNqU349uADQVV0HJosddN/ARyyI
+LSIQO7BnNVKVG9Iujf33bvPNeg0qNz5qw+rKKq97Pqeum+L5oKU=
+-----END CERTIFICATE-----
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/gendata/GendataBlacklistedCerts.gmk	Wed Jul 16 15:12:24 2014 -0700
@@ -0,0 +1,36 @@
+#
+# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+GENDATA_BLACKLISTED_CERTS_SRC := $(JDK_TOPDIR)/make/data/blacklistedcertsconverter/blacklisted.certs.pem
+GENDATA_BLACKLISTED_CERTS := $(JDK_OUTPUTDIR)/lib/security/blacklisted.certs
+
+ifndef OPENJDK
+	GENDATA_BLACKLISTED_CERTS_SRC += $(wildcard $(JDK_TOPDIR)/make/closed/data/blacklistedcertsconverter/blacklisted.certs.pem)
+endif
+ 
+$(GENDATA_BLACKLISTED_CERTS): $(BUILD_TOOLS) $(GENDATA_BLACKLISTED_CERTS_SRC)
+	$(ECHO) "Generating blacklisted certs"
+	$(MKDIR) -p $(@D)
+	($(CAT) $(GENDATA_BLACKLISTED_CERTS_SRC) | $(TOOL_BLACKLISTED_CERTS) > $@) || exit 1
--- a/make/mapfiles/libsunec/mapfile-vers	Wed Jul 16 16:02:51 2014 +0400
+++ b/make/mapfiles/libsunec/mapfile-vers	Wed Jul 16 15:12:24 2014 -0700
@@ -28,10 +28,9 @@
 SUNWprivate_1.1 {
         global:
                 Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair;
-                Java_sun_security_ec_ECKeyPairGenerator_getEncodedBytes;
-		Java_sun_security_ec_ECDSASignature_signDigest;
-		Java_sun_security_ec_ECDSASignature_verifySignedDigest;
-		Java_sun_security_ec_ECDHKeyAgreement_deriveKey;
+                Java_sun_security_ec_ECDSASignature_signDigest;
+                Java_sun_security_ec_ECDSASignature_verifySignedDigest;
+                Java_sun_security_ec_ECDHKeyAgreement_deriveKey;
         local:
                 *;
 };
--- a/make/profile-includes.txt	Wed Jul 16 16:02:51 2014 +0400
+++ b/make/profile-includes.txt	Wed Jul 16 15:12:24 2014 -0700
@@ -71,6 +71,7 @@
     rt.jar \
     security/US_export_policy.jar \
     security/blacklist \
+    security/blacklisted.certs \
     security/cacerts \
     security/java.policy \
     security/java.security \
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/src/classes/build/tools/blacklistedcertsconverter/BlacklistedCertsConverter.java	Wed Jul 16 15:12:24 2014 -0700
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package build.tools.blacklistedcertsconverter;
+
+import java.security.MessageDigest;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Collection;
+import java.util.Set;
+import java.util.TreeSet;
+
+
+/**
+ * Converts blacklisted.certs.pem from System.in to blacklisted.certs in
+ * System.out. The input must start with a #! line including the fingerprint
+ * algorithm. The output is sorted and unique.
+ */
+public class BlacklistedCertsConverter {
+
+    public static void main(String[] args) throws Exception {
+
+        byte[] pattern = "#! java BlacklistedCertsConverter ".getBytes();
+        String mdAlg = "";
+
+        for (int i=0; ; i++) {
+            int n = System.in.read();
+            if (n < 0) {
+                throw new Exception("Unexpected EOF");
+            }
+            if (i < pattern.length) {
+                if (n != pattern[i]) {
+                    throw new Exception("The first line must start with \""
+                            + new String(pattern) + "\"");
+                }
+            } else if (i < pattern.length + 100) {
+                if (n < 32) {
+                    break;
+                } else {
+                    mdAlg = mdAlg + String.format("%c", n);
+                }
+            }
+        }
+
+        mdAlg = mdAlg.trim();
+        System.out.println("Algorithm=" + mdAlg);
+
+        CertificateFactory cf = CertificateFactory.getInstance("X.509");
+        Collection<? extends Certificate> certs
+                = cf.generateCertificates(System.in);
+
+        // Output sorted so that it's easy to locate an entry.
+        Set<String> fingerprints = new TreeSet<>();
+        for (Certificate cert: certs) {
+            fingerprints.add(
+                    getCertificateFingerPrint(mdAlg, (X509Certificate)cert));
+        }
+
+        for (String s: fingerprints) {
+            System.out.println(s);
+        }
+    }
+
+    /**
+     * Converts a byte to hex digit and writes to the supplied buffer
+     */
+    private static void byte2hex(byte b, StringBuffer buf) {
+        char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8',
+                '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+        int high = ((b & 0xf0) >> 4);
+        int low = (b & 0x0f);
+        buf.append(hexChars[high]);
+        buf.append(hexChars[low]);
+    }
+
+    /**
+     * Gets the requested finger print of the certificate.
+     */
+    private static String getCertificateFingerPrint(
+            String mdAlg, X509Certificate cert) throws Exception {
+        byte[] encCertInfo = cert.getEncoded();
+        MessageDigest md = MessageDigest.getInstance(mdAlg);
+        byte[] digest = md.digest(encCertInfo);
+        StringBuffer buf = new StringBuffer();
+        for (int i = 0; i < digest.length; i++) {
+            byte2hex(digest[i], buf);
+        }
+        return buf.toString();
+    }
+}
--- a/src/share/classes/com/sun/crypto/provider/JceKeyStore.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/crypto/provider/JceKeyStore.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -107,7 +107,7 @@
     {
         Key key = null;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
 
         if (!((entry instanceof PrivateKeyEntry) ||
               (entry instanceof SecretKeyEntry))) {
@@ -150,7 +150,7 @@
     {
         Certificate[] chain = null;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
 
         if ((entry instanceof PrivateKeyEntry)
             && (((PrivateKeyEntry)entry).chain != null)) {
@@ -178,7 +178,7 @@
     public Certificate engineGetCertificate(String alias) {
         Certificate cert = null;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
 
         if (entry != null) {
             if (entry instanceof TrustedCertEntry) {
@@ -203,7 +203,7 @@
     public Date engineGetCreationDate(String alias) {
         Date date = null;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
 
         if (entry != null) {
             // We have to create a new instance of java.util.Date because
@@ -266,7 +266,7 @@
                     }
 
                     // store the entry
-                    entries.put(alias.toLowerCase(), entry);
+                    entries.put(alias.toLowerCase(Locale.ENGLISH), entry);
 
                 } else {
                     SecretKeyEntry entry = new SecretKeyEntry();
@@ -274,7 +274,7 @@
 
                     // seal and store the key
                     entry.sealedKey = keyProtector.seal(key);
-                    entries.put(alias.toLowerCase(), entry);
+                    entries.put(alias.toLowerCase(Locale.ENGLISH), entry);
                 }
 
             } catch (Exception e) {
@@ -322,7 +322,7 @@
                 entry.chain = null;
             }
 
-            entries.put(alias.toLowerCase(), entry);
+            entries.put(alias.toLowerCase(Locale.ENGLISH), entry);
         }
     }
 
@@ -345,7 +345,7 @@
     {
         synchronized(entries) {
 
-            Object entry = entries.get(alias.toLowerCase());
+            Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
             if (entry != null) {
                 if (entry instanceof PrivateKeyEntry) {
                     throw new KeyStoreException("Cannot overwrite own "
@@ -358,7 +358,7 @@
             TrustedCertEntry trustedCertEntry = new TrustedCertEntry();
             trustedCertEntry.cert = cert;
             trustedCertEntry.date = new Date();
-            entries.put(alias.toLowerCase(), trustedCertEntry);
+            entries.put(alias.toLowerCase(Locale.ENGLISH), trustedCertEntry);
         }
     }
 
@@ -373,7 +373,7 @@
         throws KeyStoreException
     {
         synchronized(entries) {
-            entries.remove(alias.toLowerCase());
+            entries.remove(alias.toLowerCase(Locale.ENGLISH));
         }
     }
 
@@ -394,7 +394,7 @@
      * @return true if the alias exists, false otherwise
      */
     public boolean engineContainsAlias(String alias) {
-        return entries.containsKey(alias.toLowerCase());
+        return entries.containsKey(alias.toLowerCase(Locale.ENGLISH));
     }
 
     /**
@@ -416,7 +416,7 @@
     public boolean engineIsKeyEntry(String alias) {
         boolean isKey = false;
 
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
         if ((entry instanceof PrivateKeyEntry)
             || (entry instanceof SecretKeyEntry)) {
             isKey = true;
@@ -434,7 +434,7 @@
      */
     public boolean engineIsCertificateEntry(String alias) {
         boolean isCert = false;
-        Object entry = entries.get(alias.toLowerCase());
+        Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
         if (entry instanceof TrustedCertEntry) {
             isCert = true;
         }
--- a/src/share/classes/com/sun/crypto/provider/PBEKey.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/crypto/provider/PBEKey.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,7 @@
 
 import java.security.KeyRep;
 import java.security.spec.InvalidKeySpecException;
+import java.util.Locale;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.PBEKeySpec;
 
@@ -91,7 +92,7 @@
         for (int i = 1; i < this.key.length; i++) {
             retval += this.key[i] * i;
         }
-        return(retval ^= getAlgorithm().toLowerCase().hashCode());
+        return(retval ^= getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode());
     }
 
     public boolean equals(Object obj) {
--- a/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,6 +32,7 @@
 import javax.crypto.SecretKeyFactorySpi;
 import javax.crypto.spec.PBEKeySpec;
 import java.util.HashSet;
+import java.util.Locale;
 
 /**
  * This class implements a key factory for PBE keys according to PKCS#5,
@@ -56,24 +57,24 @@
 
     static {
         validTypes = new HashSet<String>(17);
-        validTypes.add("PBEWithMD5AndDES".toUpperCase());
-        validTypes.add("PBEWithSHA1AndDESede".toUpperCase());
-        validTypes.add("PBEWithSHA1AndRC2_40".toUpperCase());
-        validTypes.add("PBEWithSHA1AndRC2_128".toUpperCase());
-        validTypes.add("PBEWithSHA1AndRC4_40".toUpperCase());
-        validTypes.add("PBEWithSHA1AndRC4_128".toUpperCase());
+        validTypes.add("PBEWithMD5AndDES".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndDESede".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndRC2_40".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndRC2_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndRC4_40".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithSHA1AndRC4_128".toUpperCase(Locale.ENGLISH));
         // Proprietary algorithm.
-        validTypes.add("PBEWithMD5AndTripleDES".toUpperCase());
-        validTypes.add("PBEWithHmacSHA1AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA224AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA256AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA384AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA512AndAES_128".toUpperCase());
-        validTypes.add("PBEWithHmacSHA1AndAES_256".toUpperCase());
-        validTypes.add("PBEWithHmacSHA224AndAES_256".toUpperCase());
-        validTypes.add("PBEWithHmacSHA256AndAES_256".toUpperCase());
-        validTypes.add("PBEWithHmacSHA384AndAES_256".toUpperCase());
-        validTypes.add("PBEWithHmacSHA512AndAES_256".toUpperCase());
+        validTypes.add("PBEWithMD5AndTripleDES".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA1AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA224AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA256AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA384AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA512AndAES_128".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA1AndAES_256".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA224AndAES_256".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA256AndAES_256".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA384AndAES_256".toUpperCase(Locale.ENGLISH));
+        validTypes.add("PBEWithHmacSHA512AndAES_256".toUpperCase(Locale.ENGLISH));
     }
 
     public static final class PBEWithMD5AndDES
@@ -237,7 +238,7 @@
     protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpecCl)
         throws InvalidKeySpecException {
         if ((key instanceof SecretKey)
-            && (validTypes.contains(key.getAlgorithm().toUpperCase()))
+            && (validTypes.contains(key.getAlgorithm().toUpperCase(Locale.ENGLISH)))
             && (key.getFormat().equalsIgnoreCase("RAW"))) {
 
             // Check if requested key spec is amongst the valid ones
@@ -279,7 +280,7 @@
     {
         try {
             if ((key != null) &&
-                (validTypes.contains(key.getAlgorithm().toUpperCase())) &&
+                (validTypes.contains(key.getAlgorithm().toUpperCase(Locale.ENGLISH))) &&
                 (key.getFormat().equalsIgnoreCase("RAW"))) {
 
                 // Check if key originates from this factory
--- a/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,6 +30,7 @@
 import java.nio.CharBuffer;
 import java.nio.charset.Charset;
 import java.util.Arrays;
+import java.util.Locale;
 import java.security.KeyRep;
 import java.security.GeneralSecurityException;
 import java.security.NoSuchAlgorithmException;
@@ -143,7 +144,7 @@
                 @Override
                 public int hashCode() {
                     return Arrays.hashCode(password) * 41 +
-                            prf.getAlgorithm().toLowerCase().hashCode();
+                      prf.getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode();
                 }
                 @Override
                 public boolean equals(Object obj) {
@@ -221,7 +222,7 @@
         for (int i = 1; i < this.key.length; i++) {
             retval += this.key[i] * i;
         }
-        return(retval ^= getAlgorithm().toLowerCase().hashCode());
+        return(retval ^= getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode());
     }
 
     public boolean equals(Object obj) {
--- a/src/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,22 +34,14 @@
 
 import javax.management.remote.SubjectDelegationPermission;
 
-import com.sun.jmx.remote.util.CacheMap;
-import java.util.ArrayList;
-import java.util.Collection;
+import java.util.*;
 
 public class SubjectDelegator {
-    private static final int PRINCIPALS_CACHE_SIZE = 10;
-    private static final int ACC_CACHE_SIZE = 10;
-
-    private CacheMap<Subject, Principal[]> principalsCache;
-    private CacheMap<Subject, AccessControlContext> accCache;
-
     /* Return the AccessControlContext appropriate to execute an
        operation on behalf of the delegatedSubject.  If the
        authenticatedAccessControlContext does not have permission to
        delegate to that subject, throw SecurityException.  */
-    public synchronized AccessControlContext
+    public AccessControlContext
         delegatedContext(AccessControlContext authenticatedACC,
                          Subject delegatedSubject,
                          boolean removeCallerContext)
@@ -58,56 +50,14 @@
         if (System.getSecurityManager() != null && authenticatedACC == null) {
             throw new SecurityException("Illegal AccessControlContext: null");
         }
-        if (principalsCache == null || accCache == null) {
-            principalsCache =
-                    new CacheMap<>(PRINCIPALS_CACHE_SIZE);
-            accCache =
-                    new CacheMap<>(ACC_CACHE_SIZE);
-        }
-
-        // Retrieve the principals for the given
-        // delegated subject from the cache
-        //
-        Principal[] delegatedPrincipals = principalsCache.get(delegatedSubject);
-
-        // Convert the set of principals stored in the
-        // delegated subject into an array of principals
-        // and store it in the cache
-        //
-        if (delegatedPrincipals == null) {
-            delegatedPrincipals =
-                delegatedSubject.getPrincipals().toArray(new Principal[0]);
-            principalsCache.put(delegatedSubject, delegatedPrincipals);
-        }
-
-        // Retrieve the access control context for the
-        // given delegated subject from the cache
-        //
-        AccessControlContext delegatedACC = accCache.get(delegatedSubject);
-
-        // Build the access control context to be used
-        // when executing code as the delegated subject
-        // and store it in the cache
-        //
-        if (delegatedACC == null) {
-            if (removeCallerContext) {
-                delegatedACC =
-                    JMXSubjectDomainCombiner.getDomainCombinerContext(
-                                                              delegatedSubject);
-            } else {
-                delegatedACC =
-                    JMXSubjectDomainCombiner.getContext(delegatedSubject);
-            }
-            accCache.put(delegatedSubject, delegatedACC);
-        }
 
         // Check if the subject delegation permission allows the
         // authenticated subject to assume the identity of each
         // principal in the delegated subject
         //
-        final Principal[] dp = delegatedPrincipals;
-        final Collection<Permission> permissions = new ArrayList<>(dp.length);
-        for(Principal p : dp) {
+        Collection<Principal> ps = getSubjectPrincipals(delegatedSubject);
+        final Collection<Permission> permissions = new ArrayList<>(ps.size());
+        for(Principal p : ps) {
             final String pname = p.getClass().getName() + "." + p.getName();
             permissions.add(new SubjectDelegationPermission(pname));
         }
@@ -122,7 +72,15 @@
             };
         AccessController.doPrivileged(action, authenticatedACC);
 
-        return delegatedACC;
+        return getDelegatedAcc(delegatedSubject, removeCallerContext);
+    }
+
+    private AccessControlContext getDelegatedAcc(Subject delegatedSubject, boolean removeCallerContext) {
+        if (removeCallerContext) {
+            return JMXSubjectDomainCombiner.getDomainCombinerContext(delegatedSubject);
+        } else {
+            return JMXSubjectDomainCombiner.getContext(delegatedSubject);
+        }
     }
 
     /**
@@ -137,11 +95,9 @@
     public static synchronized boolean
         checkRemoveCallerContext(Subject subject) {
         try {
-            final Principal[] dp =
-                subject.getPrincipals().toArray(new Principal[0]);
-            for (int i = 0 ; i < dp.length ; i++) {
+            for (Principal p : getSubjectPrincipals(subject)) {
                 final String pname =
-                    dp[i].getClass().getName() + "." + dp[i].getName();
+                    p.getClass().getName() + "." + p.getName();
                 final Permission sdp =
                     new SubjectDelegationPermission(pname);
                 AccessController.checkPermission(sdp);
@@ -151,4 +107,19 @@
         }
         return true;
     }
+
+    /**
+     * Retrieves the {@linkplain Subject} principals
+     * @param subject The subject
+     * @return If the {@code Subject} is immutable it will return the principals directly.
+     *         If the {@code Subject} is mutable it will create an unmodifiable copy.
+     */
+    private static Collection<Principal> getSubjectPrincipals(Subject subject) {
+        if (subject.isReadOnly()) {
+            return subject.getPrincipals();
+        }
+
+        List<Principal> principals = Arrays.asList(subject.getPrincipals().toArray(new Principal[0]));
+        return Collections.unmodifiableList(principals);
+    }
 }
--- a/src/share/classes/com/sun/jmx/remote/util/CacheMap.java	Wed Jul 16 16:02:51 2014 +0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,121 +0,0 @@
-/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.jmx.remote.util;
-
-import java.lang.ref.SoftReference;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.WeakHashMap;
-
-import com.sun.jmx.mbeanserver.Util;
-
-/**
- * <p>Like WeakHashMap, except that the keys of the <em>n</em> most
- * recently-accessed entries are kept as {@link SoftReference soft
- * references}.  Accessing an element means creating it, or retrieving
- * it with {@link #get(Object) get}.  Because these entries are kept
- * with soft references, they will tend to remain even if their keys
- * are not referenced elsewhere.  But if memory is short, they will
- * be removed.</p>
- */
-public class CacheMap<K, V> extends WeakHashMap<K, V> {
-    /**
-     * <p>Create a <code>CacheMap</code> that can keep up to
-     * <code>nSoftReferences</code> as soft references.</p>
-     *
-     * @param nSoftReferences Maximum number of keys to keep as soft
-     * references.  Access times for {@link #get(Object) get} and
-     * {@link #put(Object, Object) put} have a component that scales
-     * linearly with <code>nSoftReferences</code>, so this value
-     * should not be too great.
-     *
-     * @throws IllegalArgumentException if
-     * <code>nSoftReferences</code> is negative.
-     */
-    public CacheMap(int nSoftReferences) {
-        if (nSoftReferences < 0) {
-            throw new IllegalArgumentException("nSoftReferences = " +
-                                               nSoftReferences);
-        }
-        this.nSoftReferences = nSoftReferences;
-    }
-
-    public V put(K key, V value) {
-        cache(key);
-        return super.put(key, value);
-    }
-
-    public V get(Object key) {
-        cache(Util.<K>cast(key));
-        return super.get(key);
-    }
-
-    /* We don't override remove(Object) or try to do something with
-       the map's iterators to detect removal.  So we may keep useless
-       entries in the soft reference list for keys that have since
-       been removed.  The assumption is that entries are added to the
-       cache but never removed.  But the behavior is not wrong if
-       they are in fact removed -- the caching is just less
-       performant.  */
-
-    private void cache(K key) {
-        Iterator<SoftReference<K>> it = cache.iterator();
-        while (it.hasNext()) {
-            SoftReference<K> sref = it.next();
-            K key1 = sref.get();
-            if (key1 == null)
-                it.remove();
-            else if (key.equals(key1)) {
-                // Move this element to the head of the LRU list
-                it.remove();
-                cache.add(0, sref);
-                return;
-            }
-        }
-
-        int size = cache.size();
-        if (size == nSoftReferences) {
-            if (size == 0)
-                return;  // degenerate case, equivalent to WeakHashMap
-            it.remove();
-        }
-
-        cache.add(0, new SoftReference<K>(key));
-    }
-
-    /* List of soft references for the most-recently referenced keys.
-       The list is in most-recently-used order, i.e. the first element
-       is the most-recently referenced key.  There are never more than
-       nSoftReferences elements of this list.
-
-       If we didn't care about J2SE 1.3 compatibility, we could use
-       LinkedHashSet in conjunction with a subclass of SoftReference
-       whose equals and hashCode reflect the referent.  */
-    private final LinkedList<SoftReference<K>> cache =
-            new LinkedList<SoftReference<K>>();
-    private final int nSoftReferences;
-}
--- a/src/share/classes/com/sun/jmx/snmp/EnumRowStatus.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jmx/snmp/EnumRowStatus.java	Wed Jul 16 15:12:24 2014 -0700
@@ -284,20 +284,20 @@
     final static Hashtable<Integer, String> intTable = new Hashtable<>();
     final static Hashtable<String, Integer> stringTable = new Hashtable<>();
     static  {
-        intTable.put(new Integer(0), "unspecified");
-        intTable.put(new Integer(3), "notReady");
-        intTable.put(new Integer(6), "destroy");
-        intTable.put(new Integer(2), "notInService");
-        intTable.put(new Integer(5), "createAndWait");
-        intTable.put(new Integer(1), "active");
-        intTable.put(new Integer(4), "createAndGo");
-        stringTable.put("unspecified", new Integer(0));
-        stringTable.put("notReady", new Integer(3));
-        stringTable.put("destroy", new Integer(6));
-        stringTable.put("notInService", new Integer(2));
-        stringTable.put("createAndWait", new Integer(5));
-        stringTable.put("active", new Integer(1));
-        stringTable.put("createAndGo", new Integer(4));
+        intTable.put(0, "unspecified");
+        intTable.put(3, "notReady");
+        intTable.put(6, "destroy");
+        intTable.put(2, "notInService");
+        intTable.put(5, "createAndWait");
+        intTable.put(1, "active");
+        intTable.put(4, "createAndGo");
+        stringTable.put("unspecified", 0);
+        stringTable.put("notReady", 3);
+        stringTable.put("destroy", 6);
+        stringTable.put("notInService", 2);
+        stringTable.put("createAndWait", 5);
+        stringTable.put("active", 1);
+        stringTable.put("createAndGo", 4);
     }
 
 
--- a/src/share/classes/com/sun/jmx/snmp/Enumerated.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jmx/snmp/Enumerated.java	Wed Jul 16 15:12:24 2014 -0700
@@ -71,7 +71,7 @@
    *            the method is illegal or inappropriate.
    */
   public Enumerated(int valueIndex) throws IllegalArgumentException {
-    if (getIntTable().get(new Integer(valueIndex)) == null) {
+    if (getIntTable().get(valueIndex) == null) {
       throw new IllegalArgumentException() ;
     }
     value = valueIndex ;
@@ -181,7 +181,7 @@
    */
   @Override
   public String toString() {
-    return getIntTable().get(new Integer(value)) ;
+    return getIntTable().get(value);
   }
 
 
--- a/src/share/classes/com/sun/jmx/snmp/IPAcl/JJTParserState.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jmx/snmp/IPAcl/JJTParserState.java	Wed Jul 16 15:12:24 2014 -0700
@@ -100,7 +100,7 @@
 
 
   void openNodeScope(Node n) {
-    marks.push(new Integer(mk));
+    marks.push(mk);
     mk = sp;
     n.jjtOpen();
   }
--- a/src/share/classes/com/sun/jmx/snmp/SnmpCounter64.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jmx/snmp/SnmpCounter64.java	Wed Jul 16 15:12:24 2014 -0700
@@ -100,7 +100,7 @@
      * @return The <CODE>Integer</CODE> representation of the value.
      */
     public Integer toInteger() {
-        return new Integer((int)value) ;
+        return (int)value;
     }
 
     /**
--- a/src/share/classes/com/sun/jmx/snmp/SnmpInt.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jmx/snmp/SnmpInt.java	Wed Jul 16 15:12:24 2014 -0700
@@ -146,7 +146,7 @@
      * @return The <CODE>Integer</CODE> representation of the value.
      */
     public Integer toInteger() {
-        return new Integer((int)value) ;
+        return (int)value;
     }
 
     /**
--- a/src/share/classes/com/sun/jmx/snmp/daemon/CommunicatorServer.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jmx/snmp/daemon/CommunicatorServer.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1272,8 +1272,8 @@
                          message,                    // message
                          "State",                    // attribute name
                          "int",                      // attribute type
-                         new Integer(oldState),      // old value
-                         new Integer(newState) );    // new value
+                         oldState,                   // old value
+                         newState );                 // new value
         if (SNMP_ADAPTOR_LOGGER.isLoggable(Level.FINEST)) {
             SNMP_ADAPTOR_LOGGER.logp(Level.FINEST, dbgTag,
                 "sendStateChangeNotification","Sending AttributeChangeNotification #"
--- a/src/share/classes/com/sun/jmx/snmp/daemon/SnmpAdaptorServer.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jmx/snmp/daemon/SnmpAdaptorServer.java	Wed Jul 16 15:12:24 2014 -0700
@@ -569,7 +569,7 @@
      */
     @Override
     public Integer getTrapPort() {
-        return new Integer(trapPort) ;
+        return trapPort;
     }
 
     /**
@@ -639,7 +639,7 @@
      */
     @Override
     public Integer getBufferSize() {
-        return new Integer(bufferSize) ;
+        return bufferSize;
     }
 
     /**
--- a/src/share/classes/com/sun/jmx/snmp/internal/SnmpLcd.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jmx/snmp/internal/SnmpLcd.java	Wed Jul 16 15:12:24 2014 -0700
@@ -43,15 +43,15 @@
 
         public void addModelLcd(int id,
                                 SnmpModelLcd usmlcd) {
-            models.put(new Integer(id), usmlcd);
+            models.put(id, usmlcd);
         }
 
         public SnmpModelLcd getModelLcd(int id) {
-            return models.get(new Integer(id));
+            return models.get(id);
         }
 
         public SnmpModelLcd removeModelLcd(int id) {
-            return models.remove(new Integer(id));
+            return models.remove(id);
         }
     }
 
--- a/src/share/classes/com/sun/jndi/cosnaming/RemoteToCorba.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jndi/cosnaming/RemoteToCorba.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -71,17 +71,10 @@
 
         if (orig instanceof Remote) {
             // Turn remote object into org.omg.CORBA.Object
-            try {
-                // Returns null if JRMP; let next factory try
-                // CNCtx will eventually throw IllegalArgumentException if
-                // no CORBA object gotten
-                return
-                    CorbaUtils.remoteToCorba((Remote)orig, ((CNCtx)ctx)._orb);
-            } catch (ClassNotFoundException e) {
-                // RMI-IIOP library not available
-                throw new ConfigurationException(
-                    "javax.rmi packages not available");
-            }
+            // Returns null if JRMP; let next factory try
+            // CNCtx will eventually throw IllegalArgumentException if
+            // no CORBA object gotten
+            return CorbaUtils.remoteToCorba((Remote)orig, ((CNCtx)ctx)._orb);
         }
         return null; // pass and let next state factory try
     }
--- a/src/share/classes/com/sun/jndi/ldap/ClientId.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jndi/ldap/ClientId.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -86,9 +86,8 @@
             try {
                 Class<?> socketFactoryClass =
                         Obj.helper.loadClass(socketFactory);
-                Class<?> objClass = Class.forName("java.lang.Object");
                 this.sockComparator = socketFactoryClass.getMethod(
-                                "compare", new Class<?>[]{objClass, objClass});
+                                "compare", new Class<?>[]{Object.class, Object.class});
                 Method getDefault = socketFactoryClass.getMethod(
                                             "getDefault", new Class<?>[]{});
                 this.factory =
--- a/src/share/classes/com/sun/jndi/ldap/Connection.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jndi/ldap/Connection.java	Wed Jul 16 15:12:24 2014 -0700
@@ -31,6 +31,7 @@
 import java.io.IOException;
 import java.io.OutputStream;
 import java.io.InputStream;
+import java.net.InetSocketAddress;
 import java.net.Socket;
 import javax.net.ssl.SSLSocket;
 
@@ -42,11 +43,10 @@
 import javax.naming.ldap.Control;
 
 import java.lang.reflect.Method;
-import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.util.Arrays;
 import sun.misc.IOUtils;
-//import javax.net.SocketFactory;
+import javax.net.SocketFactory;
 
 /**
   * A thread that creates a connection to an LDAP server.
@@ -111,6 +111,7 @@
 
     private static final boolean debug = false;
     private static final int dump = 0; // > 0 r, > 1 rw
+    public static final long DEFAULT_READ_TIMEOUT_MILLIS = 15 * 1000; // 15 second timeout;
 
 
     final private Thread worker;    // Initialized in constructor
@@ -218,9 +219,7 @@
             ce.setRootCause(realException);
             throw ce;
         } catch (Exception e) {
-            // Class.forName() seems to do more error checking
-            // and will throw IllegalArgumentException and such.
-            // That's why we need to have a catch all here and
+            // We need to have a catch all here and
             // ignore generic exceptions.
             // Also catches all IO errors generated by socket creation.
             CommunicationException ce =
@@ -237,27 +236,8 @@
     /*
      * Create an InetSocketAddress using the specified hostname and port number.
      */
-    private Object createInetSocketAddress(String host, int port)
-            throws NoSuchMethodException {
-
-        try {
-            Class<?> inetSocketAddressClass =
-                Class.forName("java.net.InetSocketAddress");
-
-            Constructor<?> inetSocketAddressCons =
-                inetSocketAddressClass.getConstructor(new Class<?>[]{
-                String.class, int.class});
-
-            return inetSocketAddressCons.newInstance(new Object[]{
-                host, new Integer(port)});
-
-        } catch (ClassNotFoundException |
-                 InstantiationException |
-                 InvocationTargetException |
-                 IllegalAccessException e) {
-            throw new NoSuchMethodException();
-
-        }
+    private InetSocketAddress createInetSocketAddress(String host, int port) {
+            return new InetSocketAddress(host, port);
     }
 
     /*
@@ -278,82 +258,57 @@
 
             // create the factory
 
-            Class<?> socketFactoryClass = Obj.helper.loadClass(socketFactory);
+            Class<? extends SocketFactory> socketFactoryClass =
+                    (Class<? extends SocketFactory>) Obj.helper.loadClass
+                    (socketFactory);
             Method getDefault =
                 socketFactoryClass.getMethod("getDefault", new Class<?>[]{});
-            Object factory = getDefault.invoke(null, new Object[]{});
+            SocketFactory factory = (SocketFactory) getDefault.invoke(null, new Object[]{});
 
             // create the socket
 
-            Method createSocket = null;
-
             if (connectTimeout > 0) {
 
-                try {
-                    createSocket = socketFactoryClass.getMethod("createSocket",
-                        new Class<?>[]{});
+                InetSocketAddress endpoint =
+                        createInetSocketAddress(host, port);
 
-                    Method connect = Socket.class.getMethod("connect",
-                        new Class<?>[]{Class.forName("java.net.SocketAddress"),
-                        int.class});
-                    Object endpoint = createInetSocketAddress(host, port);
+                // unconnected socket
+                socket = factory.createSocket();
 
-                    // unconnected socket
-                    socket =
-                        (Socket)createSocket.invoke(factory, new Object[]{});
+                if (debug) {
+                    System.err.println("Connection: creating socket with " +
+                            "a timeout using supplied socket factory");
+                }
 
-                    if (debug) {
-                        System.err.println("Connection: creating socket with " +
-                            "a timeout using supplied socket factory");
-                    }
-
-                    // connected socket
-                    connect.invoke(socket, new Object[]{
-                        endpoint, new Integer(connectTimeout)});
-
-                } catch (NoSuchMethodException e) {
-                    // continue (but ignore connectTimeout)
-                }
+                // connected socket
+                socket.connect(endpoint, connectTimeout);
             }
 
+            // continue (but ignore connectTimeout)
             if (socket == null) {
-                createSocket = socketFactoryClass.getMethod("createSocket",
-                    new Class<?>[]{String.class, int.class});
-
                 if (debug) {
                     System.err.println("Connection: creating socket using " +
                         "supplied socket factory");
                 }
                 // connected socket
-                socket = (Socket) createSocket.invoke(factory,
-                    new Object[]{host, new Integer(port)});
+                socket = factory.createSocket(host, port);
             }
         } else {
 
             if (connectTimeout > 0) {
 
-                try {
-                    Constructor<Socket> socketCons =
-                        Socket.class.getConstructor(new Class<?>[]{});
+                    InetSocketAddress endpoint = createInetSocketAddress(host, port);
 
-                    Method connect = Socket.class.getMethod("connect",
-                        new Class<?>[]{Class.forName("java.net.SocketAddress"),
-                        int.class});
-                    Object endpoint = createInetSocketAddress(host, port);
-
-                    socket = socketCons.newInstance(new Object[]{});
+                    socket = new Socket();
 
                     if (debug) {
                         System.err.println("Connection: creating socket with " +
                             "a timeout");
                     }
-                    connect.invoke(socket, new Object[]{
-                        endpoint, new Integer(connectTimeout)});
+                    socket.connect(endpoint, connectTimeout);
+            }
 
-                } catch (NoSuchMethodException e) {
-                    // continue (but ignore connectTimeout)
-                }
-            }
+            // continue (but ignore connectTimeout)
 
             if (socket == null) {
                 if (debug) {
@@ -460,7 +415,7 @@
                             // available
                             ldr.wait(readTimeout);
                         } else {
-                            ldr.wait(15 * 1000); // 15 second timeout
+                            ldr.wait(DEFAULT_READ_TIMEOUT_MILLIS);
                         }
                         waited = true;
                     } else {
--- a/src/share/classes/com/sun/jndi/ldap/LdapPoolManager.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jndi/ldap/LdapPoolManager.java	Wed Jul 16 15:12:24 2014 -0700
@@ -406,7 +406,7 @@
                 try {
                     return Integer.getInteger(propName, defVal);
                 } catch (SecurityException e) {
-                    return new Integer(defVal);
+                    return defVal;
                 }
             }
         });
--- a/src/share/classes/com/sun/jndi/ldap/VersionHelper.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jndi/ldap/VersionHelper.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,32 +30,10 @@
 
 abstract class VersionHelper {
 
-    private static VersionHelper helper = null;
+    private static final VersionHelper helper = new VersionHelper12();
 
     VersionHelper() {} // Disallow anyone from creating one of these.
 
-    static {
-        try {
-            Class.forName("java.net.URLClassLoader"); // 1.2 test
-            Class.forName("java.security.PrivilegedAction"); // 1.2 test
-            helper = (VersionHelper)
-                Class.forName(
-                    "com.sun.jndi.ldap.VersionHelper12").newInstance();
-        } catch (Exception e) {
-        }
-
-        // Use 1.1 helper if 1.2 test fails, or if we cannot create 1.2 helper
-        if (helper == null) {
-            try {
-                helper = (VersionHelper)
-                    Class.forName(
-                        "com.sun.jndi.ldap.VersionHelper11").newInstance();
-            } catch (Exception e) {
-                // should never happen
-            }
-        }
-    }
-
     static VersionHelper getVersionHelper() {
         return helper;
     }
--- a/src/share/classes/com/sun/jndi/toolkit/corba/CorbaUtils.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/jndi/toolkit/corba/CorbaUtils.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,16 +28,18 @@
 // Needed for RMI/IIOP
 import java.rmi.Remote;
 
-import java.lang.reflect.Method;
-import java.lang.reflect.InvocationTargetException;
+import java.rmi.RemoteException;
 import java.util.Hashtable;
 import java.util.Properties;
 import java.util.Enumeration;
+import java.applet.Applet;
 
 import org.omg.CORBA.ORB;
 
 import javax.naming.Context;
 import javax.naming.ConfigurationException;
+import javax.rmi.CORBA.Stub;
+import javax.rmi.PortableRemoteObject;
 
 /**
   * Contains utilities for performing CORBA-related tasks:
@@ -76,71 +78,43 @@
       * @param orb       The non-null ORB to connect the remote object to
       * @return The CORBA Object for remoteObj; null if <tt>remoteObj</tt>
       *                 is a JRMP implementation or JRMP stub.
-      * @exception ClassNotFoundException The RMI-IIOP package is not available
       * @exception ConfigurationException The CORBA Object cannot be obtained
       *         because of configuration problems.
       */
     public static org.omg.CORBA.Object remoteToCorba(Remote remoteObj, ORB orb)
-        throws ClassNotFoundException, ConfigurationException {
-            synchronized (CorbaUtils.class) {
-                if (toStubMethod == null) {
-                    initMethodHandles();
-                }
-            }
+        throws ConfigurationException {
 
 // First, get remoteObj's stub
 
             // javax.rmi.CORBA.Stub stub = PortableRemoteObject.toStub(remoteObj);
 
-            java.lang.Object stub;
+            Remote stub;
 
             try {
-                stub = toStubMethod.invoke(null, new java.lang.Object[]{remoteObj});
-
-            } catch (InvocationTargetException e) {
-                Throwable realException = e.getTargetException();
-                // realException.printStackTrace();
-
+                stub = PortableRemoteObject.toStub(remoteObj);
+            } catch (Throwable t) {
                 ConfigurationException ce = new ConfigurationException(
     "Problem with PortableRemoteObject.toStub(); object not exported or stub not found");
-                ce.setRootCause(realException);
-                throw ce;
-
-            } catch (IllegalAccessException e) {
-                ConfigurationException ce = new ConfigurationException(
-    "Cannot invoke javax.rmi.PortableRemoteObject.toStub(java.rmi.Remote)");
-
-                ce.setRootCause(e);
+                ce.setRootCause(t);
                 throw ce;
             }
 
 // Next, make sure that the stub is javax.rmi.CORBA.Stub
 
-            if (!corbaStubClass.isInstance(stub)) {
+            if (!(stub instanceof Stub)) {
                 return null;  // JRMP implementation or JRMP stub
             }
 
 // Next, make sure that the stub is connected
-            // Invoke stub.connect(orb)
             try {
-                connectMethod.invoke(stub, new java.lang.Object[]{orb});
-
-            } catch (InvocationTargetException e) {
-                Throwable realException = e.getTargetException();
-                // realException.printStackTrace();
-
-                if (!(realException instanceof java.rmi.RemoteException)) {
-                    ConfigurationException ce = new ConfigurationException(
-                        "Problem invoking javax.rmi.CORBA.Stub.connect()");
-                    ce.setRootCause(realException);
-                    throw ce;
-                }
+                ((Stub) stub).connect(orb);
+            } catch (RemoteException e) {
                 // ignore RemoteException because stub might have already
                 // been connected
-            } catch (IllegalAccessException e) {
+            } catch (Throwable t) {
                 ConfigurationException ce = new ConfigurationException(
-                    "Cannot invoke javax.rmi.CORBA.Stub.connect()");
-                ce.setRootCause(e);
+                        "Problem invoking javax.rmi.CORBA.Stub.connect()");
+                ce.setRootCause(t);
                 throw ce;
             }
 // Finally, return stub
@@ -192,83 +166,13 @@
 
         // Get Applet from environment
         if (env != null) {
-            Object applet = env.get(Context.APPLET);
+            Applet applet = (Applet) env.get(Context.APPLET);
             if (applet != null) {
-                // Create ORBs for an applet
-                return initAppletORB(applet, orbProp);
+            // Create ORBs using applet and orbProp
+                return ORB.init(applet, orbProp);
             }
         }
 
-        // Create ORBs using orbProp for a standalone application
         return ORB.init(new String[0], orbProp);
     }
-
-    /**
-     * This method returns a new ORB instance for the given applet
-     * without creating a static dependency on java.applet.
-     */
-    private static ORB initAppletORB(Object applet, Properties orbProp) {
-        try {
-            Class<?> appletClass  = Class.forName("java.applet.Applet", true, null);
-            if (!appletClass.isInstance(applet)) {
-                throw new ClassCastException(applet.getClass().getName());
-            }
-
-            // invoke the static method ORB.init(applet, orbProp);
-            Method method = ORB.class.getMethod("init", appletClass, Properties.class);
-            return (ORB) method.invoke(null, applet, orbProp);
-        } catch (ClassNotFoundException e) {
-            // java.applet.Applet doesn't exist and the applet parameter is
-            // non-null; so throw CCE
-            throw new ClassCastException(applet.getClass().getName());
-        } catch (NoSuchMethodException e) {
-            throw new AssertionError(e);
-        } catch (InvocationTargetException e) {
-            Throwable cause = e.getCause();
-            if (cause instanceof RuntimeException) {
-                throw (RuntimeException) cause;
-            } else if (cause instanceof Error) {
-                throw (Error) cause;
-            }
-            throw new AssertionError(e);
-        } catch (IllegalAccessException iae) {
-            throw new AssertionError(iae);
-        }
-    }
-
-    // Fields used for reflection of RMI-IIOP
-    private static Method toStubMethod = null;
-    private static Method connectMethod = null;
-    private static Class<?> corbaStubClass = null;
-    /**
-     * Initializes reflection method handles for RMI-IIOP.
-     * @exception ClassNotFoundException javax.rmi.CORBA.* not available
-     */
-    private static void initMethodHandles() throws ClassNotFoundException {
-        // Get javax.rmi.CORBA.Stub class
-        corbaStubClass = Class.forName("javax.rmi.CORBA.Stub");
-
-        // Get javax.rmi.CORBA.Stub.connect(org.omg.CORBA.ORB) method
-
-        try {
-            connectMethod = corbaStubClass.getMethod("connect",
-                new Class<?>[] {org.omg.CORBA.ORB.class});
-        } catch (NoSuchMethodException e) {
-            throw new IllegalStateException(
-        "No method definition for javax.rmi.CORBA.Stub.connect(org.omg.CORBA.ORB)");
-        }
-
-        // Get javax.rmi.PortableRemoteObject class
-        Class<?> proClass = Class.forName("javax.rmi.PortableRemoteObject");
-
-        // Get javax.rmi.PortableRemoteObject.toStub(java.rmi.Remote) method
-        try {
-            toStubMethod = proClass.getMethod("toStub",
-                new Class<?>[] {java.rmi.Remote.class});
-
-        } catch (NoSuchMethodException e) {
-            throw new IllegalStateException(
-"No method definition for javax.rmi.PortableRemoteObject.toStub(java.rmi.Remote)");
-        }
-    }
 }
--- a/src/share/classes/com/sun/security/ntlm/Client.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/ntlm/Client.java	Wed Jul 16 15:12:24 2014 -0700
@@ -46,7 +46,7 @@
     final private String hostname;
     final private String username;
 
-    private String domain;    // might be updated by Type 2 msg
+    private String domain;
     private byte[] pw1, pw2;
 
     /**
@@ -82,7 +82,7 @@
         }
         this.hostname = hostname;
         this.username = username;
-        this.domain = domain;
+        this.domain = domain == null ? "" : domain;
         this.pw1 = getP1(password);
         this.pw2 = getP2(password);
         debug("NTLM Client: (h,u,t,version(v)) = (%s,%s,%s,%s(%s))\n",
@@ -95,19 +95,13 @@
      */
     public byte[] type1() {
         Writer p = new Writer(1, 32);
-        int flags = 0x8203;
-        if (hostname != null) {
-            flags |= 0x2000;
-        }
-        if (domain != null) {
-            flags |= 0x1000;
-        }
+        // Negotiate always sign, Negotiate NTLM,
+        // Request Target, Negotiate OEM, Negotiate unicode
+        int flags = 0x8207;
         if (v != Version.NTLM) {
             flags |= 0x80000;
         }
         p.writeInt(12, flags);
-        p.writeSecurityBuffer(24, hostname, false);
-        p.writeSecurityBuffer(16, domain, false);
         debug("NTLM Client: Type 1 created\n");
         debug(p.getBytes());
         return p.getBytes();
@@ -133,13 +127,10 @@
         byte[] challenge = r.readBytes(24, 8);
         int inputFlags = r.readInt(20);
         boolean unicode = (inputFlags & 1) == 1;
-        String domainFromServer = r.readSecurityBuffer(12, unicode);
-        if (domainFromServer != null) {
-            domain = domainFromServer;
-        }
-        if (domain == null) {
-            domain = "";
-        }
+
+        // IE uses domainFromServer to generate an alist if server has not
+        // provided one. Firefox/WebKit do not. Neither do we.
+        //String domainFromServer = r.readSecurityBuffer(12, unicode);
 
         int flags = 0x88200 | (inputFlags & 3);
         Writer p = new Writer(3, 64);
@@ -163,7 +154,9 @@
             if (writeLM) lm = calcV2(nthash,
                     username.toUpperCase(Locale.US)+domain, nonce, challenge);
             if (writeNTLM) {
-                byte[] alist = type2.length > 48 ?
+                // Some client create a alist even if server does not send
+                // one: (i16)2 (i16)len target_in_unicode (i16)0 (i16) 0
+                byte[] alist = ((inputFlags & 0x800000) != 0) ?
                     r.readSecurityBuffer(40) : new byte[0];
                 byte[] blob = new byte[32+alist.length];
                 System.arraycopy(new byte[]{1,1,0,0,0,0,0,0}, 0, blob, 0, 8);
--- a/src/share/classes/com/sun/security/ntlm/Server.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/ntlm/Server.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,3 +1,4 @@
+
 /*
  * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
@@ -92,7 +93,9 @@
         debug("NTLM Server: Type 1 received\n");
         if (type1 != null) debug(type1);
         Writer p = new Writer(2, 32);
-        int flags = 0x80205;
+        // Negotiate NTLM2 Key, Target Type Domain,
+        // Negotiate NTLM, Request Target, Negotiate unicode
+        int flags = 0x90205;
         p.writeSecurityBuffer(12, domain, true);
         p.writeInt(20, flags);
         p.writeBytes(24, nonce);
@@ -127,8 +130,9 @@
                     "Wrong domain: " + incomingDomain +
                     " vs " + domain); // Needed?
         }*/
+
         boolean verified = false;
-        char[] password = getPassword(domain, username);
+        char[] password = getPassword(incomingDomain, username);
         if (password == null) {
             throw new NTLMException(NTLMException.USER_UNKNOWN,
                     "Unknown user");
@@ -179,6 +183,8 @@
                 }
             }
             if (incomingNTLM.length > 0) {
+                // We didn't sent alist in type2(), so there
+                // is nothing to check here.
                 byte[] clientBlob = Arrays.copyOfRange(
                         incomingNTLM, 16, incomingNTLM.length);
                 byte[] ntlmresponse = calcV2(nthash,
--- a/src/share/classes/com/sun/security/sasl/CramMD5Base.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/sasl/CramMD5Base.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,6 +32,7 @@
 import java.security.NoSuchAlgorithmException;
 import java.security.MessageDigest;
 
+import java.util.Arrays;
 import java.util.logging.Logger;
 
 /**
@@ -159,7 +160,7 @@
         MessageDigest md5 = MessageDigest.getInstance("MD5");
 
         /* digest the key if longer than 64 bytes */
-        if (key.length > 64) {
+        if (key.length > MD5_BLOCKSIZE) {
             key = md5.digest(key);
         }
 
@@ -169,13 +170,9 @@
         int i;
 
         /* store key in pads */
-        for (i = 0; i < MD5_BLOCKSIZE; i++) {
-            for ( ; i < key.length; i++) {
-                ipad[i] = key[i];
-                opad[i] = key[i];
-            }
-            ipad[i] = 0x00;
-            opad[i] = 0x00;
+        for (i = 0; i < key.length; i++) {
+            ipad[i] = key[i];
+            opad[i] = key[i];
         }
 
         /* XOR key with pads */
@@ -207,6 +204,11 @@
             }
         }
 
+        Arrays.fill(ipad, (byte)0);
+        Arrays.fill(opad, (byte)0);
+        ipad = null;
+        opad = null;
+
         return (digestString.toString());
     }
 
--- a/src/share/classes/com/sun/security/sasl/digest/DigestMD5Base.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/sasl/digest/DigestMD5Base.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1410,7 +1410,7 @@
             if (logger.isLoggable(Level.FINEST)) {
                 logger.log(Level.FINEST,
                     "DIGEST33:Expecting sequence num: {0}",
-                    new Integer(peerSeqNum));
+                    peerSeqNum);
                 traceOutput(DP_CLASS_NAME, "unwrap", "DIGEST34:incoming: ",
                     encryptedMsg);
             }
--- a/src/share/classes/com/sun/security/sasl/digest/DigestMD5Client.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/sasl/digest/DigestMD5Client.java	Wed Jul 16 15:12:24 2014 -0700
@@ -439,7 +439,7 @@
 
         if (logger.isLoggable(Level.FINE)) {
             logger.log(Level.FINE, "DIGEST61:Raw send size: {0}",
-                new Integer(rawSendSize));
+                rawSendSize);
         }
      }
 
--- a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java	Wed Jul 16 15:12:24 2014 -0700
@@ -26,11 +26,14 @@
 
 package com.sun.security.sasl.gsskerb;
 
+import java.util.Locale;
 import java.util.Map;
 import java.util.logging.Level;
 import javax.security.sasl.*;
 import com.sun.security.sasl.util.AbstractSaslImpl;
 import org.ietf.jgss.*;
+import com.sun.security.jgss.ExtendedGSSContext;
+import com.sun.security.jgss.InquireType;
 
 abstract class GssKrb5Base extends AbstractSaslImpl {
 
@@ -61,6 +64,36 @@
         return "GSSAPI";
     }
 
+    @Override
+    public Object getNegotiatedProperty(String propName) {
+        if (!completed) {
+            throw new IllegalStateException("Authentication incomplete");
+        }
+        String xprefix = "com.sun.security.jgss.inquiretype.";
+        if (propName.startsWith(xprefix)) {
+            String type = propName.substring(xprefix.length());
+            if (logger.isLoggable(Level.FINEST)) {
+                logger.logp(Level.FINE, "GssKrb5Base",
+                        "getNegotiatedProperty", propName);
+            }
+            for (InquireType t: InquireType.values()) {
+                if (t.name().toLowerCase(Locale.US).equals(type)) {
+                    try {
+                        return ((ExtendedGSSContext)secCtx).inquireSecContext(t);
+                    } catch (GSSException e) {
+                        if (logger.isLoggable(Level.FINEST)) {
+                            logger.log(Level.WARNING, "inquireSecContext error", e);
+                        }
+                        return null;
+                    }
+                }
+            }
+            // No such InquireType. Although not likely to be defined
+            // as a property in a parent class, still try it.
+        }
+        return super.getNegotiatedProperty(propName);
+    }
+
     public byte[] unwrap(byte[] incoming, int start, int len)
         throws SaslException {
         if (!completed) {
--- a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java	Wed Jul 16 15:12:24 2014 -0700
@@ -275,9 +275,9 @@
             if (logger.isLoggable(Level.FINE)) {
                 logger.log(Level.FINE,
 "KRB5CLNT07:Client max recv size: {0}; server max recv size: {1}; rawSendSize: {2}",
-                    new Object[] {new Integer(recvMaxBufSize),
-                                  new Integer(srvMaxBufSize),
-                                  new Integer(rawSendSize)});
+                    new Object[] {recvMaxBufSize,
+                                  srvMaxBufSize,
+                                  rawSendSize});
             }
 
             // Construct negotiated security layers and client's max
--- a/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java	Wed Jul 16 15:12:24 2014 -0700
@@ -222,7 +222,7 @@
                 logger.log(Level.FINE,
                     "KRB5SRV06:Supported protections: {0}; recv max buf size: {1}",
                     new Object[]{allQop,
-                                 new Integer(recvMaxBufSize)});
+                                 recvMaxBufSize});
             }
 
             handshakeStage = 2;  // progress to next stage
@@ -293,9 +293,9 @@
                                  Boolean.valueOf(integrity)});
                 logger.log(Level.FINE,
 "KRB5SRV11:Client max recv size: {0}; server max send size: {1}; rawSendSize: {2}",
-                    new Object[] {new Integer(clntMaxBufSize),
-                                  new Integer(sendMaxBufSize),
-                                  new Integer(rawSendSize)});
+                    new Object[] {clntMaxBufSize,
+                                  sendMaxBufSize,
+                                  rawSendSize});
             }
 
             // Get authorization identity, if any
--- a/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java	Wed Jul 16 15:12:24 2014 -0700
@@ -160,9 +160,17 @@
             }
         }
         try {
+            String name = ncb.getName();
+            if (name == null) {
+                name = authzid;
+            }
+            String domain = dcb.getText();
+            if (domain == null) {
+                domain = serverName;
+            }
             client = new Client(version, hostname,
-                    ncb.getName(),
-                    dcb.getText(),
+                    name,
+                    domain,
                     pcb.getPassword());
         } catch (NTLMException ne) {
             throw new SaslException(
--- a/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java	Wed Jul 16 15:12:24 2014 -0700
@@ -141,8 +141,10 @@
             server = new Server(version, domain) {
                 public char[] getPassword(String ntdomain, String username) {
                     try {
-                        RealmCallback rcb = new RealmCallback(
-                                "Domain: ", ntdomain);
+                        RealmCallback rcb =
+                                (ntdomain == null || ntdomain.isEmpty())
+                                    ? new RealmCallback("Domain: ")
+                                    : new RealmCallback("Domain: ", ntdomain);
                         NameCallback ncb = new NameCallback(
                                 "Name: ", username);
                         PasswordCallback pcb = new PasswordCallback(
--- a/src/share/classes/com/sun/security/sasl/util/AbstractSaslImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/security/sasl/util/AbstractSaslImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -286,7 +286,7 @@
 
             // Message id supplied by caller as part of traceTag
             logger.logp(lev, srcClass, srcMethod, "{0} ( {1} ): {2}",
-                new Object[] {traceTag, new Integer(origlen), content});
+                new Object[] {traceTag, origlen, content});
         } catch (Exception e) {
             logger.logp(Level.WARNING, srcClass, srcMethod,
                 "SASLIMPL09:Error generating trace output: {0}", e);
--- a/src/share/classes/com/sun/tools/example/debug/gui/ContextManager.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/tools/example/debug/gui/ContextManager.java	Wed Jul 16 15:12:24 2014 -0700
@@ -211,7 +211,7 @@
     }
 
     private void setCurrentFrameIndex(ThreadInfo tinfo, int index) {
-        tinfo.setUserObject(new Integer(index));
+        tinfo.setUserObject(index);
         //### In fact, the value may not have changed at this point.
         //### We need to signal that the user attempted to change it,
         //### however, so that the selection can be "warped" to the
--- a/src/share/classes/com/sun/tools/example/debug/tty/Commands.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/tools/example/debug/tty/Commands.java	Wed Jul 16 15:12:24 2014 -0700
@@ -84,7 +84,7 @@
                                     MessageOutput.println("Current thread isnt suspended.");
                                 } catch (ArrayIndexOutOfBoundsException e) {
                                     MessageOutput.println("Requested stack frame is no longer active:",
-                                                          new Object []{new Integer(stackFrame)});
+                                                          new Object []{stackFrame});
                                 }
                             }
                             MessageOutput.printPrompt();
@@ -942,14 +942,14 @@
         }
         if (pc != -1) {
             MessageOutput.println("stack frame dump with pc",
-                                  new Object [] {new Integer(frameNumber + 1),
+                                  new Object [] {(frameNumber + 1),
                                                  meth.declaringType().name(),
                                                  meth.name(),
                                                  methodInfo,
                                                  Long.valueOf(pc)});
         } else {
             MessageOutput.println("stack frame dump",
-                                  new Object [] {new Integer(frameNumber + 1),
+                                  new Object [] {(frameNumber + 1),
                                                  meth.declaringType().name(),
                                                  meth.name(),
                                                  methodInfo});
@@ -2093,8 +2093,8 @@
                         VirtualMachineManager vmm) {
         MessageOutput.println("minus version",
                               new Object [] { debuggerName,
-                                              new Integer(vmm.majorInterfaceVersion()),
-                                              new Integer(vmm.minorInterfaceVersion()),
+                                              vmm.majorInterfaceVersion(),
+                                              vmm.minorInterfaceVersion(),
                                                   System.getProperty("java.version")});
         if (Env.connection() != null) {
             try {
--- a/src/share/classes/com/sun/tools/example/debug/tty/TTY.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/tools/example/debug/tty/TTY.java	Wed Jul 16 15:12:24 2014 -0700
@@ -241,7 +241,7 @@
                 }
                 if (line != null) {
                     MessageOutput.println("source line number and line",
-                                          new Object [] {new Integer(loc.lineNumber()),
+                                          new Object [] {loc.lineNumber(),
                                                          line});
                 }
             }
--- a/src/share/classes/com/sun/tools/hat/internal/model/JavaLazyReadObject.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/tools/hat/internal/model/JavaLazyReadObject.java	Wed Jul 16 15:12:24 2014 -0700
@@ -100,7 +100,7 @@
     // make Integer or Long for given object ID
     protected static Number makeId(long id) {
         if ((id & ~Snapshot.SMALL_ID_MASK) == 0) {
-            return new Integer((int)id);
+            return (int)id;
         } else {
             return id;
         }
--- a/src/share/classes/com/sun/tools/hat/internal/model/Snapshot.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/tools/hat/internal/model/Snapshot.java	Wed Jul 16 15:12:24 2014 -0700
@@ -581,7 +581,7 @@
     // Internals only below this point
     private Number makeId(long id) {
         if (identifierSize == 4) {
-            return new Integer((int)id);
+            return (int)id;
         } else {
             return id;
         }
--- a/src/share/classes/com/sun/tools/hat/internal/parser/HprofReader.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/tools/hat/internal/parser/HprofReader.java	Wed Jul 16 15:12:24 2014 -0700
@@ -227,7 +227,7 @@
                     String nm = getNameFromID(classNameID).replace('/', '.');
                     classNameFromObjectID.put(classIdI, nm);
                     if (classNameFromSerialNo != null) {
-                        classNameFromSerialNo.put(new Integer(serialNo), nm);
+                        classNameFromSerialNo.put(serialNo, nm);
                     }
                     break;
                 }
@@ -297,7 +297,7 @@
                         String methodSig = getNameFromID(readID());
                         String sourceFile = getNameFromID(readID());
                         int classSer = in.readInt();
-                        String className = classNameFromSerialNo.get(new Integer(classSer));
+                        String className = classNameFromSerialNo.get(classSer);
                         int lineNumber = in.readInt();
                         if (lineNumber < StackFrame.LINE_NUMBER_NATIVE) {
                             warn("Weird stack frame line number:  " + lineNumber);
@@ -324,7 +324,7 @@
                                 throw new IOException("Stack frame " + toHex(fid) + " not found");
                             }
                         }
-                        stackTraces.put(new Integer(serialNo),
+                        stackTraces.put(serialNo,
                                         new StackTrace(frames));
                     }
                     break;
@@ -404,7 +404,7 @@
                     int threadSeq = in.readInt();
                     int stackSeq = in.readInt();
                     bytesLeft -= identifierSize + 8;
-                    threadObjects.put(new Integer(threadSeq),
+                    threadObjects.put(threadSeq,
                                       new ThreadObject(id, stackSeq));
                     break;
                 }
@@ -610,7 +610,7 @@
 
     private ThreadObject getThreadObjectFromSequence(int threadSeq)
             throws IOException {
-        ThreadObject to = threadObjects.get(new Integer(threadSeq));
+        ThreadObject to = threadObjects.get(threadSeq);
         if (to == null) {
             throw new IOException("Thread " + threadSeq +
                                   " not found for JNI local ref");
@@ -638,7 +638,7 @@
         if (stackTraces == null) {
             return null;
         }
-        StackTrace result = stackTraces.get(new Integer(ser));
+        StackTrace result = stackTraces.get(ser);
         if (result == null) {
             warn("Stack trace not found for serial # " + ser);
         }
--- a/src/share/classes/com/sun/tools/hat/internal/server/ObjectQuery.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/tools/hat/internal/server/ObjectQuery.java	Wed Jul 16 15:12:24 2014 -0700
@@ -99,7 +99,7 @@
         final JavaField[] fields = obj.getClazz().getFieldsForInstance();
         Integer[] hack = new Integer[things.length];
         for (int i = 0; i < things.length; i++) {
-            hack[i] = new Integer(i);
+            hack[i] = i;
         }
         ArraySorter.sort(hack, new Comparer() {
             public int compare(Object lhs, Object rhs) {
--- a/src/share/classes/com/sun/tools/jdi/ConcreteMethodImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/tools/jdi/ConcreteMethodImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -143,7 +143,7 @@
          * Find the locations which match the line number
          * passed in.
          */
-        List<Location> list = info.lineMapper.get(new Integer(lineNumber));
+        List<Location> list = info.lineMapper.get(lineNumber);
 
         if (list == null) {
             list = new ArrayList<Location>(0);
@@ -329,7 +329,7 @@
                 lineLocations.add(loc);
 
                 // Add to the line -> locations map
-                Integer key = new Integer(lineNumber);
+                Integer key = lineNumber;
                 List<Location> mappedLocs = lineMapper.get(key);
                 if (mappedLocs == null) {
                     mappedLocs = new ArrayList<Location>(1);
@@ -399,7 +399,7 @@
                 lineLocations.add(loc);
 
                 // Add to the line -> locations map
-                Integer key = new Integer(lineNumber);
+                Integer key = lineNumber;
                 List<Location> mappedLocs = lineMapper.get(key);
                 if (mappedLocs == null) {
                     mappedLocs = new ArrayList<Location>(1);
--- a/src/share/classes/com/sun/tools/jdi/ReferenceTypeImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/com/sun/tools/jdi/ReferenceTypeImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -529,7 +529,7 @@
          * to filter that ordered collection.
          */
         List<Method> list = allMethods();
-        list.retainAll(map.values());
+        list.retainAll(new HashSet<Method>(map.values()));
         return list;
     }
 
--- a/src/share/classes/java/lang/Class.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/lang/Class.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -130,11 +130,16 @@
     }
 
     /*
-     * Constructor. Only the Java Virtual Machine creates Class
-     * objects.
+     * Private constructor. Only the Java Virtual Machine creates Class objects.
+     * This constructor is not used and prevents the default constructor being
+     * generated.
      */
-    private Class() {}
-
+    private Class(ClassLoader loader, Class<?> arrayComponentType) {
+        // Initialize final field for classLoader.  The initialization value of non-null
+        // prevents future JIT optimizations from assuming this final field is null.
+        classLoader = loader;
+        componentType = arrayComponentType;
+    }
 
     /**
      * Converts the object to a string. The string representation is the
@@ -677,8 +682,10 @@
     }
 
     // Package-private to allow ClassLoader access
-    native ClassLoader getClassLoader0();
-
+    ClassLoader getClassLoader0() { return classLoader; }
+
+    // Initialized in JVM not by private constructor
+    private final ClassLoader classLoader;
 
     /**
      * Returns an array of {@code TypeVariable} objects that represent the
@@ -911,7 +918,16 @@
      * @see     java.lang.reflect.Array
      * @since 1.1
      */
-    public native Class<?> getComponentType();
+    public Class<?> getComponentType() {
+        // Only return for array types. Storage may be reused for Class for instance types.
+        if (isArray()) {
+            return componentType;
+        } else {
+            return null;
+        }
+    }
+
+    private final Class<?> componentType;
 
 
     /**
--- a/src/share/classes/java/lang/ConditionalSpecialCasing.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/lang/ConditionalSpecialCasing.java	Wed Jul 16 15:12:24 2014 -0700
@@ -147,7 +147,7 @@
     }
 
     private static char[] lookUpTable(String src, int index, Locale locale, boolean bLowerCasing) {
-        HashSet<Entry> set = entryTable.get(new Integer(src.codePointAt(index)));
+        HashSet<Entry> set = entryTable.get(src.codePointAt(index));
         char[] ret = null;
 
         if (set != null) {
--- a/src/share/classes/java/lang/ProcessBuilder.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/lang/ProcessBuilder.java	Wed Jul 16 15:12:24 2014 -0700
@@ -957,6 +957,7 @@
      * <li>The operating system program file was not found.
      * <li>Access to the program file was denied.
      * <li>The working directory does not exist.
+     * <li>Invalid character in command argument, such as NUL.
      * </ul>
      *
      * <p>In such cases an exception will be thrown.  The exact nature
@@ -1019,6 +1020,12 @@
 
         String dir = directory == null ? null : directory.toString();
 
+        for (int i = 1; i < cmdarray.length; i++) {
+            if (cmdarray[i].indexOf('\u0000') >= 0) {
+                throw new IOException("invalid null character in command");
+            }
+        }
+
         try {
             return ProcessImpl.start(cmdarray,
                                      environment,
--- a/src/share/classes/java/lang/invoke/MethodHandles.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/lang/invoke/MethodHandles.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1505,6 +1505,10 @@
                 // that is *not* the bytecode behavior.
                 mods ^= Modifier.PROTECTED | Modifier.PUBLIC;
             }
+            if (Modifier.isProtected(mods) && refKind == REF_newInvokeSpecial) {
+                // cannot "new" a protected ctor in a different package
+                mods ^= Modifier.PROTECTED;
+            }
             if (Modifier.isFinal(mods) &&
                     MethodHandleNatives.refKindIsSetter(refKind))
                 throw m.makeAccessException("unexpected set of a final field", this);
--- a/src/share/classes/java/lang/reflect/AccessibleObject.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/lang/reflect/AccessibleObject.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -129,16 +129,24 @@
         setAccessible0(this, flag);
     }
 
-    /* Check that you aren't exposing java.lang.Class.<init>. */
+    /* Check that you aren't exposing java.lang.Class.<init> or sensitive
+       fields in java.lang.Class. */
     private static void setAccessible0(AccessibleObject obj, boolean flag)
         throws SecurityException
     {
         if (obj instanceof Constructor && flag == true) {
             Constructor<?> c = (Constructor<?>)obj;
             if (c.getDeclaringClass() == Class.class) {
-                throw new SecurityException("Can not make a java.lang.Class" +
+                throw new SecurityException("Cannot make a java.lang.Class" +
                                             " constructor accessible");
             }
+        } else if (obj instanceof Field && flag == true) {
+            Field f = (Field)obj;
+            if (f.getDeclaringClass() == Class.class &&
+                f.getName().equals("classLoader")) {
+                throw new SecurityException("Cannot make java.lang.Class.classLoader" +
+                                            " accessible");
+            }
         }
         obj.override = flag;
     }
--- a/src/share/classes/java/lang/reflect/Proxy.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/lang/reflect/Proxy.java	Wed Jul 16 15:12:24 2014 -0700
@@ -362,12 +362,13 @@
                                          Class<?>... interfaces)
         throws IllegalArgumentException
     {
-        SecurityManager sm = System.getSecurityManager();
+        final Class<?>[] intfs = interfaces.clone();
+        final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            checkProxyAccess(Reflection.getCallerClass(), loader, interfaces);
+            checkProxyAccess(Reflection.getCallerClass(), loader, intfs);
         }
 
-        return getProxyClass0(loader, interfaces);
+        return getProxyClass0(loader, intfs);
     }
 
     /*
@@ -706,15 +707,16 @@
     {
         Objects.requireNonNull(h);
 
+        final Class<?>[] intfs = interfaces.clone();
         final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            checkProxyAccess(Reflection.getCallerClass(), loader, interfaces);
+            checkProxyAccess(Reflection.getCallerClass(), loader, intfs);
         }
 
         /*
          * Look up or generate the designated proxy class.
          */
-        Class<?> cl = getProxyClass0(loader, interfaces);
+        Class<?> cl = getProxyClass0(loader, intfs);
 
         /*
          * Invoke its constructor with the designated invocation handler.
--- a/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -322,13 +322,13 @@
 
         switch (optID) {
             case SO_TIMEOUT:
-                result = new Integer(timeout);
+                result = timeout;
                 break;
 
             case IP_TOS:
                 result = socketGetOption(optID);
                 if ( ((Integer)result).intValue() == -1) {
-                    result = new Integer(trafficClass);
+                    result = trafficClass;
                 }
                 break;
 
--- a/src/share/classes/java/net/AbstractPlainSocketImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/net/AbstractPlainSocketImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -279,7 +279,7 @@
             throw new SocketException("Socket Closed");
         }
         if (opt == SO_TIMEOUT) {
-            return new Integer(timeout);
+            return timeout;
         }
         int ret = 0;
         /*
@@ -299,7 +299,7 @@
             return Boolean.valueOf(ret != -1);
         case SO_LINGER:
             ret = socketGetOption(opt, null);
-            return (ret == -1) ? Boolean.FALSE: (Object)(new Integer(ret));
+            return (ret == -1) ? Boolean.FALSE: (Object)(ret);
         case SO_REUSEADDR:
             ret = socketGetOption(opt, null);
             return Boolean.valueOf(ret != -1);
@@ -310,13 +310,13 @@
         case SO_SNDBUF:
         case SO_RCVBUF:
             ret = socketGetOption(opt, null);
-            return new Integer(ret);
+            return ret;
         case IP_TOS:
             ret = socketGetOption(opt, null);
             if (ret == -1) { // ipv6 tos
-                return new Integer(trafficClass);
+                return trafficClass;
             } else {
-                return new Integer(ret);
+                return ret;
             }
         case SO_KEEPALIVE:
             ret = socketGetOption(opt, null);
--- a/src/share/classes/java/net/DatagramSocket.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/net/DatagramSocket.java	Wed Jul 16 15:12:24 2014 -0700
@@ -858,7 +858,7 @@
     public synchronized void setSoTimeout(int timeout) throws SocketException {
         if (isClosed())
             throw new SocketException("Socket is closed");
-        getImpl().setOption(SocketOptions.SO_TIMEOUT, new Integer(timeout));
+        getImpl().setOption(SocketOptions.SO_TIMEOUT, timeout);
     }
 
     /**
@@ -920,7 +920,7 @@
         }
         if (isClosed())
             throw new SocketException("Socket is closed");
-        getImpl().setOption(SocketOptions.SO_SNDBUF, new Integer(size));
+        getImpl().setOption(SocketOptions.SO_SNDBUF, size);
     }
 
     /**
@@ -978,7 +978,7 @@
         }
         if (isClosed())
             throw new SocketException("Socket is closed");
-        getImpl().setOption(SocketOptions.SO_RCVBUF, new Integer(size));
+        getImpl().setOption(SocketOptions.SO_RCVBUF, size);
     }
 
     /**
@@ -1040,7 +1040,7 @@
             throw new SocketException("Socket is closed");
         // Integer instead of Boolean for compatibility with older DatagramSocketImpl
         if (oldImpl)
-            getImpl().setOption(SocketOptions.SO_REUSEADDR, new Integer(on?-1:0));
+            getImpl().setOption(SocketOptions.SO_REUSEADDR, on?-1:0);
         else
             getImpl().setOption(SocketOptions.SO_REUSEADDR, Boolean.valueOf(on));
     }
@@ -1141,7 +1141,7 @@
 
         if (isClosed())
             throw new SocketException("Socket is closed");
-        getImpl().setOption(SocketOptions.IP_TOS, new Integer(tc));
+        getImpl().setOption(SocketOptions.IP_TOS, tc);
     }
 
     /**
--- a/src/share/classes/java/net/ServerSocket.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/net/ServerSocket.java	Wed Jul 16 15:12:24 2014 -0700
@@ -650,7 +650,7 @@
     public synchronized void setSoTimeout(int timeout) throws SocketException {
         if (isClosed())
             throw new SocketException("Socket is closed");
-        getImpl().setOption(SocketOptions.SO_TIMEOUT, new Integer(timeout));
+        getImpl().setOption(SocketOptions.SO_TIMEOUT, timeout);
     }
 
     /**
@@ -847,7 +847,7 @@
         }
         if (isClosed())
             throw new SocketException("Socket is closed");
-        getImpl().setOption(SocketOptions.SO_RCVBUF, new Integer(size));
+        getImpl().setOption(SocketOptions.SO_RCVBUF, size);
     }
 
     /**
--- a/src/share/classes/java/net/Socket.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/net/Socket.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1024,7 +1024,7 @@
             }
             if (linger > 65535)
                 linger = 65535;
-            getImpl().setOption(SocketOptions.SO_LINGER, new Integer(linger));
+            getImpl().setOption(SocketOptions.SO_LINGER, linger);
         }
     }
 
@@ -1140,7 +1140,7 @@
         if (timeout < 0)
           throw new IllegalArgumentException("timeout can't be negative");
 
-        getImpl().setOption(SocketOptions.SO_TIMEOUT, new Integer(timeout));
+        getImpl().setOption(SocketOptions.SO_TIMEOUT, timeout);
     }
 
     /**
@@ -1196,7 +1196,7 @@
         }
         if (isClosed())
             throw new SocketException("Socket is closed");
-        getImpl().setOption(SocketOptions.SO_SNDBUF, new Integer(size));
+        getImpl().setOption(SocketOptions.SO_SNDBUF, size);
     }
 
     /**
@@ -1270,7 +1270,7 @@
         }
         if (isClosed())
             throw new SocketException("Socket is closed");
-        getImpl().setOption(SocketOptions.SO_RCVBUF, new Integer(size));
+        getImpl().setOption(SocketOptions.SO_RCVBUF, size);
     }
 
     /**
@@ -1380,7 +1380,7 @@
 
         if (isClosed())
             throw new SocketException("Socket is closed");
-        getImpl().setOption(SocketOptions.IP_TOS, new Integer(tc));
+        getImpl().setOption(SocketOptions.IP_TOS, tc);
     }
 
     /**
--- a/src/share/classes/java/net/URL.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/net/URL.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1071,7 +1071,7 @@
     /**
      * The URLStreamHandler factory.
      */
-    static URLStreamHandlerFactory factory;
+    private static volatile URLStreamHandlerFactory factory;
 
     /**
      * Sets an application's {@code URLStreamHandlerFactory}.
@@ -1106,6 +1106,7 @@
                 security.checkSetFactory();
             }
             handlers.clear();
+            // safe publication of URLStreamHandlerFactory with volatile write
             factory = fac;
         }
     }
@@ -1127,9 +1128,11 @@
 
             boolean checkedWithFactory = false;
 
-            // Use the factory (if any)
-            if (factory != null) {
-                handler = factory.createURLStreamHandler(protocol);
+            // Use the factory (if any). Volatile read makes
+            // URLStreamHandlerFactory appear fully initialized to current thread.
+            URLStreamHandlerFactory fac = factory;
+            if (fac != null) {
+                handler = fac.createURLStreamHandler(protocol);
                 checkedWithFactory = true;
             }
 
@@ -1193,8 +1196,8 @@
 
                 // Check with factory if another thread set a
                 // factory since our last check
-                if (!checkedWithFactory && factory != null) {
-                    handler2 = factory.createURLStreamHandler(protocol);
+                if (!checkedWithFactory && (fac = factory) != null) {
+                    handler2 = fac.createURLStreamHandler(protocol);
                 }
 
                 if (handler2 != null) {
--- a/src/share/classes/java/nio/charset/CoderResult.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/nio/charset/CoderResult.java	Wed Jul 16 15:12:24 2014 -0700
@@ -200,7 +200,7 @@
         private synchronized CoderResult get(int len) {
             if (len <= 0)
                 throw new IllegalArgumentException("Non-positive length");
-            Integer k = new Integer(len);
+            Integer k = len;
             WeakReference<CoderResult> w;
             CoderResult e = null;
             if (cache == null) {
--- a/src/share/classes/java/security/Provider.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/security/Provider.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1376,7 +1376,7 @@
      * <p>This class defines the methods {@link #supportsParameter
      * supportsParameter()} and {@link #newInstance newInstance()}
      * which are used by the Java security framework when it searches for
-     * suitable services and instantes them. The valid arguments to those
+     * suitable services and instantiates them. The valid arguments to those
      * methods depend on the type of service. For the service types defined
      * within Java SE, see the
      * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html">
@@ -1566,7 +1566,7 @@
          *
          * @throws InvalidParameterException if the value of
          * constructorParameter is invalid for this type of service.
-         * @throws NoSuchAlgorithmException if instantation failed for
+         * @throws NoSuchAlgorithmException if instantiation failed for
          * any other reason.
          */
         public Object newInstance(Object constructorParameter)
@@ -1594,7 +1594,9 @@
                             + " engines");
                     }
                     Class<?> clazz = getImplClass();
-                    return clazz.newInstance();
+                    Class<?>[] empty = {};
+                    Constructor<?> con = clazz.getConstructor(empty);
+                    return con.newInstance();
                 } else {
                     Class<?> paramClass = cap.getConstructorParameterClass();
                     if (constructorParameter != null) {
@@ -1637,13 +1639,18 @@
                     } else {
                         clazz = cl.loadClass(className);
                     }
+                    if (!Modifier.isPublic(clazz.getModifiers())) {
+                        throw new NoSuchAlgorithmException
+                            ("class configured for " + type + " (provider: " +
+                            provider.getName() + ") is not public.");
+                    }
                     classRef = new WeakReference<Class<?>>(clazz);
                 }
                 return clazz;
             } catch (ClassNotFoundException e) {
                 throw new NoSuchAlgorithmException
-                    ("class configured for " + type + "(provider: " +
-                    provider.getName() + ")" + "cannot be found.", e);
+                    ("class configured for " + type + " (provider: " +
+                    provider.getName() + ") cannot be found.", e);
             }
         }
 
@@ -1656,15 +1663,21 @@
                 throws Exception {
             Class<?> clazz = getImplClass();
             if (constructorParameter == null) {
-                Object o = clazz.newInstance();
-                return o;
+                // create instance with public no-arg constructor if it exists
+                try {
+                    Class<?>[] empty = {};
+                    Constructor<?> con = clazz.getConstructor(empty);
+                    return con.newInstance();
+                } catch (NoSuchMethodException e) {
+                    throw new NoSuchAlgorithmException("No public no-arg "
+                        + "constructor found in class " + className);
+                }
             }
             Class<?> argClass = constructorParameter.getClass();
             Constructor<?>[] cons = clazz.getConstructors();
             // find first public constructor that can take the
             // argument as parameter
-            for (int i = 0; i < cons.length; i++) {
-                Constructor<?> con = cons[i];
+            for (Constructor<?> con : cons) {
                 Class<?>[] paramTypes = con.getParameterTypes();
                 if (paramTypes.length != 1) {
                     continue;
@@ -1672,10 +1685,9 @@
                 if (paramTypes[0].isAssignableFrom(argClass) == false) {
                     continue;
                 }
-                Object o = con.newInstance(new Object[] {constructorParameter});
-                return o;
+                return con.newInstance(constructorParameter);
             }
-            throw new NoSuchAlgorithmException("No constructor matching "
+            throw new NoSuchAlgorithmException("No public constructor matching "
                 + argClass.getName() + " found in class " + className);
         }
 
--- a/src/share/classes/java/security/SignedObject.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/security/SignedObject.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -211,7 +211,9 @@
      * @param verificationKey the public key for verification.
      * @param verificationEngine the signature verification engine.
      *
-     * @exception SignatureException if signature verification failed.
+     * @exception SignatureException if signature verification failed (an
+     *     exception prevented the signature verification engine from completing
+     *     normally).
      * @exception InvalidKeyException if the verification key is invalid.
      *
      * @return {@code true} if the signature
--- a/src/share/classes/java/util/IdentityHashMap.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/IdentityHashMap.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,7 +25,6 @@
 
 package java.util;
 
-import java.io.*;
 import java.lang.reflect.Array;
 import java.util.function.BiConsumer;
 import java.util.function.BiFunction;
@@ -74,7 +73,7 @@
  * maximum size and the number of buckets is unspecified.
  *
  * <p>If the size of the map (the number of key-value mappings) sufficiently
- * exceeds the expected maximum size, the number of buckets is increased
+ * exceeds the expected maximum size, the number of buckets is increased.
  * Increasing the number of buckets ("rehashing") may be fairly expensive, so
  * it pays to create identity hash maps with a sufficiently large expected
  * maximum size.  On the other hand, iteration over collection views requires
@@ -160,6 +159,10 @@
      * The maximum capacity, used if a higher value is implicitly specified
      * by either of the constructors with arguments.
      * MUST be a power of two <= 1<<29.
+     *
+     * In fact, the map can hold no more than MAXIMUM_CAPACITY-1 items
+     * because it has to have at least one slot with the key == null
+     * in order to avoid infinite loops in get(), put(), remove()
      */
     private static final int MAXIMUM_CAPACITY = 1 << 29;
 
@@ -181,11 +184,6 @@
     transient int modCount;
 
     /**
-     * The next size value at which to resize (capacity * load factor).
-     */
-    private transient int threshold;
-
-    /**
      * Value representing null keys inside tables.
      */
     static final Object NULL_KEY = new Object();
@@ -229,27 +227,18 @@
     }
 
     /**
-     * Returns the appropriate capacity for the specified expected maximum
-     * size.  Returns the smallest power of two between MINIMUM_CAPACITY
-     * and MAXIMUM_CAPACITY, inclusive, that is greater than
-     * (3 * expectedMaxSize)/2, if such a number exists.  Otherwise
-     * returns MAXIMUM_CAPACITY.  If (3 * expectedMaxSize)/2 is negative, it
-     * is assumed that overflow has occurred, and MAXIMUM_CAPACITY is returned.
+     * Returns the appropriate capacity for the given expected maximum size.
+     * Returns the smallest power of two between MINIMUM_CAPACITY and
+     * MAXIMUM_CAPACITY, inclusive, that is greater than (3 *
+     * expectedMaxSize)/2, if such a number exists.  Otherwise returns
+     * MAXIMUM_CAPACITY.
      */
-    private int capacity(int expectedMaxSize) {
-        // Compute min capacity for expectedMaxSize given a load factor of 2/3
-        int minCapacity = (3 * expectedMaxSize)/2;
-
-        // Compute the appropriate capacity
-        int result;
-        if (minCapacity > MAXIMUM_CAPACITY || minCapacity < 0) {
-            result = MAXIMUM_CAPACITY;
-        } else {
-            result = MINIMUM_CAPACITY;
-            while (result < minCapacity)
-                result <<= 1;
-        }
-        return result;
+    private static int capacity(int expectedMaxSize) {
+        // assert expectedMaxSize >= 0;
+        return
+            (expectedMaxSize > MAXIMUM_CAPACITY / 3) ? MAXIMUM_CAPACITY :
+            (expectedMaxSize <= 2 * MINIMUM_CAPACITY / 3) ? MINIMUM_CAPACITY :
+            Integer.highestOneBit(expectedMaxSize + (expectedMaxSize << 1));
     }
 
     /**
@@ -262,7 +251,6 @@
         // assert initCapacity >= MINIMUM_CAPACITY;
         // assert initCapacity <= MAXIMUM_CAPACITY;
 
-        threshold = (initCapacity * 2)/3;
         table = new Object[2 * initCapacity];
     }
 
@@ -429,52 +417,58 @@
      * @see     #containsKey(Object)
      */
     public V put(K key, V value) {
-        Object k = maskNull(key);
-        Object[] tab = table;
-        int len = tab.length;
-        int i = hash(k, len);
+        final Object k = maskNull(key);
 
-        Object item;
-        while ( (item = tab[i]) != null) {
-            if (item == k) {
-                @SuppressWarnings("unchecked")
-                    V oldValue = (V) tab[i + 1];
-                tab[i + 1] = value;
-                return oldValue;
+        retryAfterResize: for (;;) {
+            final Object[] tab = table;
+            final int len = tab.length;
+            int i = hash(k, len);
+
+            for (Object item; (item = tab[i]) != null;
+                 i = nextKeyIndex(i, len)) {
+                if (item == k) {
+                    @SuppressWarnings("unchecked")
+                        V oldValue = (V) tab[i + 1];
+                    tab[i + 1] = value;
+                    return oldValue;
+                }
             }
-            i = nextKeyIndex(i, len);
+
+            final int s = size + 1;
+            // Use optimized form of 3 * s.
+            // Next capacity is len, 2 * current capacity.
+            if (s + (s << 1) > len && resize(len))
+                continue retryAfterResize;
+
+            modCount++;
+            tab[i] = k;
+            tab[i + 1] = value;
+            size = s;
+            return null;
         }
-
-        modCount++;
-        tab[i] = k;
-        tab[i + 1] = value;
-        if (++size >= threshold)
-            resize(len); // len == 2 * current capacity.
-        return null;
     }
 
     /**
-     * Resize the table to hold given capacity.
+     * Resizes the table if necessary to hold given capacity.
      *
      * @param newCapacity the new capacity, must be a power of two.
+     * @return whether a resize did in fact take place
      */
-    private void resize(int newCapacity) {
+    private boolean resize(int newCapacity) {
         // assert (newCapacity & -newCapacity) == newCapacity; // power of 2
         int newLength = newCapacity * 2;
 
         Object[] oldTable = table;
         int oldLength = oldTable.length;
-        if (oldLength == 2*MAXIMUM_CAPACITY) { // can't expand any further
-            if (threshold == MAXIMUM_CAPACITY-1)
+        if (oldLength == 2 * MAXIMUM_CAPACITY) { // can't expand any further
+            if (size == MAXIMUM_CAPACITY - 1)
                 throw new IllegalStateException("Capacity exhausted.");
-            threshold = MAXIMUM_CAPACITY-1;  // Gigantic map!
-            return;
+            return false;
         }
         if (oldLength >= newLength)
-            return;
+            return false;
 
         Object[] newTable = new Object[newLength];
-        threshold = newLength / 3;
 
         for (int j = 0; j < oldLength; j += 2) {
             Object key = oldTable[j];
@@ -490,6 +484,7 @@
             }
         }
         table = newTable;
+        return true;
     }
 
     /**
@@ -504,8 +499,8 @@
         int n = m.size();
         if (n == 0)
             return;
-        if (n > threshold) // conservatively pre-expand
-            resize(capacity(n));
+        if (n > size)
+            resize(capacity(n)); // conservatively pre-expand
 
         for (Entry<? extends K, ? extends V> e : m.entrySet())
             put(e.getKey(), e.getValue());
@@ -542,7 +537,6 @@
                 return null;
             i = nextKeyIndex(i, len);
         }
-
     }
 
     /**
@@ -1266,8 +1260,8 @@
     private static final long serialVersionUID = 8188218128353913216L;
 
     /**
-     * Save the state of the <tt>IdentityHashMap</tt> instance to a stream
-     * (i.e., serialize it).
+     * Saves the state of the <tt>IdentityHashMap</tt> instance to a stream
+     * (i.e., serializes it).
      *
      * @serialData The <i>size</i> of the HashMap (the number of key-value
      *          mappings) (<tt>int</tt>), followed by the key (Object) and
@@ -1295,8 +1289,8 @@
     }
 
     /**
-     * Reconstitute the <tt>IdentityHashMap</tt> instance from a stream (i.e.,
-     * deserialize it).
+     * Reconstitutes the <tt>IdentityHashMap</tt> instance from a stream (i.e.,
+     * deserializes it).
      */
     private void readObject(java.io.ObjectInputStream s)
         throws java.io.IOException, ClassNotFoundException  {
@@ -1305,9 +1299,10 @@
 
         // Read in size (number of Mappings)
         int size = s.readInt();
-
-        // Allow for 33% growth (i.e., capacity is >= 2* size()).
-        init(capacity((size*4)/3));
+        if (size < 0)
+            throw new java.io.StreamCorruptedException
+                ("Illegal mappings count: " + size);
+        init(capacity(size));
 
         // Read the keys and values, and put the mappings in the table
         for (int i=0; i<size; i++) {
@@ -1324,7 +1319,7 @@
      * update modCount, etc.
      */
     private void putForCreate(K key, V value)
-        throws IOException
+        throws java.io.StreamCorruptedException
     {
         Object k = maskNull(key);
         Object[] tab = table;
--- a/src/share/classes/java/util/Locale.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/Locale.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1924,7 +1924,7 @@
         // the qualifier; if there are no qualifiers, the third element is
         // unused by the format pattern.
         Object[] displayNames = {
-            new Integer(qualifierNames.length != 0 ? 2 : 1),
+            qualifierNames.length != 0 ? 2 : 1,
             mainName,
             // We could also just call formatList() and have it handle the empty
             // list case, but this is more efficient, and we want it to be
@@ -2078,7 +2078,7 @@
         // Rebuild the argument list with the list length as the first element
         Object[] args = new Object[stringList.length + 1];
         System.arraycopy(stringList, 0, args, 1, stringList.length);
-        args[0] = new Integer(stringList.length);
+        args[0] = stringList.length;
 
         // Format it using the pattern in the resource
         MessageFormat format = new MessageFormat(listPattern);
--- a/src/share/classes/java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java	Wed Jul 16 15:12:24 2014 -0700
@@ -334,6 +334,8 @@
 
             if (vclass != fieldClass)
                 throw new ClassCastException();
+            if (vclass.isPrimitive())
+                throw new IllegalArgumentException("Must be reference type");
 
             if (!Modifier.isVolatile(modifiers))
                 throw new IllegalArgumentException("Must be volatile type");
--- a/src/share/classes/java/util/prefs/XmlSupport.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/prefs/XmlSupport.java	Wed Jul 16 15:12:24 2014 -0700
@@ -262,7 +262,7 @@
         try {
             TransformerFactory tf = TransformerFactory.newInstance();
             try {
-                tf.setAttribute("indent-number", new Integer(2));
+                tf.setAttribute("indent-number", 2);
             } catch (IllegalArgumentException iae) {
                 //Ignore the IAE. Should not fail the writeout even the
                 //transformer provider does not support "indent-number".
--- a/src/share/classes/java/util/regex/Pattern.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/regex/Pattern.java	Wed Jul 16 15:12:24 2014 -0700
@@ -917,6 +917,13 @@
      */
     public static final int UNICODE_CHARACTER_CLASS = 0x100;
 
+    /**
+     * Contains all possible flags for compile(regex, flags).
+     */
+    private static final int ALL_FLAGS = CASE_INSENSITIVE | MULTILINE |
+            DOTALL | UNICODE_CASE | CANON_EQ | UNIX_LINES | LITERAL |
+            UNICODE_CHARACTER_CLASS | COMMENTS;
+
     /* Pattern has only two serialized components: The pattern string
      * and the flags, which are all that is needed to recompile the pattern
      * when it is deserialized.
@@ -1336,6 +1343,10 @@
      * only a Start node and a LastNode node.
      */
     private Pattern(String p, int f) {
+        if ((f & ~ALL_FLAGS) != 0) {
+            throw new IllegalArgumentException("Unknown flag 0x"
+                                               + Integer.toHexString(f));
+        }
         pattern = p;
         flags = f;
 
--- a/src/share/classes/java/util/stream/AbstractPipeline.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/AbstractPipeline.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -322,6 +322,7 @@
     @Override
     @SuppressWarnings("unchecked")
     public S onClose(Runnable closeHandler) {
+        Objects.requireNonNull(closeHandler);
         Runnable existingHandler = sourceStage.sourceCloseAction;
         sourceStage.sourceCloseAction =
                 (existingHandler == null)
@@ -406,7 +407,7 @@
                         // Clear the short circuit flag for next pipeline stage
                         // This stage encapsulates short-circuiting, the next
                         // stage may not have any short-circuit operations, and
-                        // if so spliterator.forEachRemaining should be be used
+                        // if so spliterator.forEachRemaining should be used
                         // for traversal
                         thisOpFlags = thisOpFlags & ~StreamOpFlag.IS_SHORT_CIRCUIT;
                     }
--- a/src/share/classes/java/util/stream/BaseStream.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/BaseStream.java	Wed Jul 16 15:12:24 2014 -0700
@@ -53,7 +53,7 @@
  * parallelism, which governs the behavior of all stream types.
  *
  * @param <T> the type of the stream elements
- * @param <S> the type of of the stream implementing {@code BaseStream}
+ * @param <S> the type of the stream implementing {@code BaseStream}
  * @since 1.8
  * @see Stream
  * @see IntStream
--- a/src/share/classes/java/util/stream/DoublePipeline.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/DoublePipeline.java	Wed Jul 16 15:12:24 2014 -0700
@@ -254,6 +254,7 @@
 
     @Override
     public final DoubleStream flatMap(DoubleFunction<? extends DoubleStream> mapper) {
+        Objects.requireNonNull(mapper);
         return new StatelessOp<Double>(this, StreamShape.DOUBLE_VALUE,
                                         StreamOpFlag.NOT_SORTED | StreamOpFlag.NOT_DISTINCT | StreamOpFlag.NOT_SIZED) {
             @Override
@@ -469,6 +470,7 @@
     public final <R> R collect(Supplier<R> supplier,
                                ObjDoubleConsumer<R> accumulator,
                                BiConsumer<R, R> combiner) {
+        Objects.requireNonNull(combiner);
         BinaryOperator<R> operator = (left, right) -> {
             combiner.accept(left, right);
             return left;
--- a/src/share/classes/java/util/stream/DoubleStream.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/DoubleStream.java	Wed Jul 16 15:12:24 2014 -0700
@@ -768,7 +768,7 @@
      *  to the element at position {@code n - 1}.
      *
      * @param seed the initial element
-     * @param f a function to be applied to to the previous element to produce
+     * @param f a function to be applied to the previous element to produce
      *          a new element
      * @return a new sequential {@code DoubleStream}
      */
--- a/src/share/classes/java/util/stream/IntPipeline.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/IntPipeline.java	Wed Jul 16 15:12:24 2014 -0700
@@ -290,6 +290,7 @@
 
     @Override
     public final IntStream flatMap(IntFunction<? extends IntStream> mapper) {
+        Objects.requireNonNull(mapper);
         return new StatelessOp<Integer>(this, StreamShape.INT_VALUE,
                                         StreamOpFlag.NOT_SORTED | StreamOpFlag.NOT_DISTINCT | StreamOpFlag.NOT_SIZED) {
             @Override
@@ -465,6 +466,7 @@
     public final <R> R collect(Supplier<R> supplier,
                                ObjIntConsumer<R> accumulator,
                                BiConsumer<R, R> combiner) {
+        Objects.requireNonNull(combiner);
         BinaryOperator<R> operator = (left, right) -> {
             combiner.accept(left, right);
             return left;
--- a/src/share/classes/java/util/stream/IntStream.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/IntStream.java	Wed Jul 16 15:12:24 2014 -0700
@@ -734,7 +734,7 @@
      * element at position {@code n - 1}.
      *
      * @param seed the initial element
-     * @param f a function to be applied to to the previous element to produce
+     * @param f a function to be applied to the previous element to produce
      *          a new element
      * @return A new sequential {@code IntStream}
      */
--- a/src/share/classes/java/util/stream/LongPipeline.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/LongPipeline.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -271,6 +271,7 @@
 
     @Override
     public final LongStream flatMap(LongFunction<? extends LongStream> mapper) {
+        Objects.requireNonNull(mapper);
         return new StatelessOp<Long>(this, StreamShape.LONG_VALUE,
                                      StreamOpFlag.NOT_SORTED | StreamOpFlag.NOT_DISTINCT | StreamOpFlag.NOT_SIZED) {
             @Override
@@ -447,6 +448,7 @@
     public final <R> R collect(Supplier<R> supplier,
                                ObjLongConsumer<R> accumulator,
                                BiConsumer<R, R> combiner) {
+        Objects.requireNonNull(combiner);
         BinaryOperator<R> operator = (left, right) -> {
             combiner.accept(left, right);
             return left;
--- a/src/share/classes/java/util/stream/LongStream.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/LongStream.java	Wed Jul 16 15:12:24 2014 -0700
@@ -727,7 +727,7 @@
      * element at position {@code n - 1}.
      *
      * @param seed the initial element
-     * @param f a function to be applied to to the previous element to produce
+     * @param f a function to be applied to the previous element to produce
      *          a new element
      * @return a new sequential {@code LongStream}
      */
--- a/src/share/classes/java/util/stream/PipelineHelper.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/PipelineHelper.java	Wed Jul 16 15:12:24 2014 -0700
@@ -74,7 +74,7 @@
     /**
      * Returns the exact output size of the portion of the output resulting from
      * applying the pipeline stages described by this {@code PipelineHelper} to
-     * the the portion of the input described by the provided
+     * the portion of the input described by the provided
      * {@code Spliterator}, if known.  If not known or known infinite, will
      * return {@code -1}.
      *
--- a/src/share/classes/java/util/stream/SliceOps.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/SliceOps.java	Wed Jul 16 15:12:24 2014 -0700
@@ -693,7 +693,7 @@
          * size.
          *
          * @param target the target size
-         * @return return the number of completed elements
+         * @return the number of completed elements
          */
         private long completedSize(long target) {
             if (completed)
--- a/src/share/classes/java/util/stream/Stream.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/Stream.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1013,7 +1013,7 @@
      *
      * @param <T> the type of stream elements
      * @param seed the initial element
-     * @param f a function to be applied to to the previous element to produce
+     * @param f a function to be applied to the previous element to produce
      *          a new element
      * @return a new sequential {@code Stream}
      */
--- a/src/share/classes/java/util/stream/StreamOpFlag.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/java/util/stream/StreamOpFlag.java	Wed Jul 16 15:12:24 2014 -0700
@@ -115,7 +115,7 @@
  * characteristics that stream has; when describing a stream operation, one need
  * describe whether the operation preserves, injects, or clears that
  * characteristic.  Accordingly, two bits are used for each flag, so as to allow
- * representing not only the presence of of a characteristic, but how an
+ * representing not only the presence of a characteristic, but how an
  * operation modifies that characteristic.  There are two common forms in which
  * flag bits are combined into an {@code int} bit set.  <em>Stream flags</em>
  * are a unioned bit set constructed by ORing the enum characteristic values of
--- a/src/share/classes/javax/crypto/CryptoPolicyParser.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/javax/crypto/CryptoPolicyParser.java	Wed Jul 16 15:12:24 2014 -0700
@@ -256,11 +256,11 @@
             while (peek(",")) {
                 match(",");
                 if (peek("number")) {
-                    paramsV.addElement(new Integer(match()));
+                    paramsV.addElement(match());
                 } else {
                     if (peek("*")) {
                         match("*");
-                        paramsV.addElement(new Integer(Integer.MAX_VALUE));
+                        paramsV.addElement(Integer.MAX_VALUE);
                     } else {
                         throw new ParsingException(st.lineno(),
                                                    "Expecting an integer");
--- a/src/share/classes/javax/crypto/spec/SecretKeySpec.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/javax/crypto/spec/SecretKeySpec.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
 package javax.crypto.spec;
 
 import java.security.spec.KeySpec;
+import java.util.Locale;
 import javax.crypto.SecretKey;
 
 /**
@@ -194,7 +195,8 @@
         if (this.algorithm.equalsIgnoreCase("TripleDES"))
             return (retval ^= "desede".hashCode());
         else
-            return (retval ^= this.algorithm.toLowerCase().hashCode());
+            return (retval ^=
+                    this.algorithm.toLowerCase(Locale.ENGLISH).hashCode());
     }
 
    /**
--- a/src/share/classes/javax/management/loading/MLet.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/javax/management/loading/MLet.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1313,7 +1313,7 @@
         if (type.compareTo("java.lang.Long") == 0)
              return Long.valueOf(param);
         if (type.compareTo("java.lang.Integer") == 0)
-             return new Integer(param);
+             return param;
         if (type.compareTo("java.lang.Float") == 0)
              return new Float(param);
         if (type.compareTo("java.lang.Double") == 0)
--- a/src/share/classes/javax/management/relation/RelationService.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/javax/management/relation/RelationService.java	Wed Jul 16 15:12:24 2014 -0700
@@ -3208,7 +3208,7 @@
                 // End of check :)
                 RELATION_LOGGER.exiting(RelationService.class.getName(),
                         "checkRoleInt");
-                return new Integer(0);
+                return 0;
             }
         }
 
@@ -3218,7 +3218,7 @@
             if (!isWritable) {
                 RELATION_LOGGER.exiting(RelationService.class.getName(),
                         "checkRoleInt");
-                return new Integer(RoleStatus.ROLE_NOT_WRITABLE);
+                return RoleStatus.ROLE_NOT_WRITABLE;
             }
         }
 
@@ -3229,7 +3229,7 @@
         if (!chkMinFlag) {
             RELATION_LOGGER.exiting(RelationService.class.getName(),
                     "checkRoleInt");
-            return new Integer(RoleStatus.LESS_THAN_MIN_ROLE_DEGREE);
+            return RoleStatus.LESS_THAN_MIN_ROLE_DEGREE;
         }
 
         // Checks maximum cardinality
@@ -3237,7 +3237,7 @@
         if (!chkMaxFlag) {
             RELATION_LOGGER.exiting(RelationService.class.getName(),
                     "checkRoleInt");
-            return new Integer(RoleStatus.MORE_THAN_MAX_ROLE_DEGREE);
+            return RoleStatus.MORE_THAN_MAX_ROLE_DEGREE;
         }
 
         // Verifies that each referenced MBean is registered in the MBean
@@ -3254,7 +3254,7 @@
             if (currObjName == null) {
                 RELATION_LOGGER.exiting(RelationService.class.getName(),
                         "checkRoleInt");
-                return new Integer(RoleStatus.REF_MBEAN_NOT_REGISTERED);
+                return RoleStatus.REF_MBEAN_NOT_REGISTERED;
             }
 
             // Checks if it is of the correct class
@@ -3265,19 +3265,19 @@
                 if (!classSts) {
                     RELATION_LOGGER.exiting(RelationService.class.getName(),
                             "checkRoleInt");
-                    return new Integer(RoleStatus.REF_MBEAN_OF_INCORRECT_CLASS);
+                    return RoleStatus.REF_MBEAN_OF_INCORRECT_CLASS;
                 }
 
             } catch (InstanceNotFoundException exc) {
                 RELATION_LOGGER.exiting(RelationService.class.getName(),
                         "checkRoleInt");
-                return new Integer(RoleStatus.REF_MBEAN_NOT_REGISTERED);
+                return RoleStatus.REF_MBEAN_NOT_REGISTERED;
             }
         }
 
         RELATION_LOGGER.exiting(RelationService.class.getName(),
                 "checkRoleInt");
-        return new Integer(0);
+        return 0;
     }
 
 
--- a/src/share/classes/javax/security/sasl/SaslClient.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/javax/security/sasl/SaslClient.java	Wed Jul 16 15:12:24 2014 -0700
@@ -204,6 +204,10 @@
      * This method can be called only after the authentication exchange has
      * completed (i.e., when {@code isComplete()} returns true); otherwise, an
      * {@code IllegalStateException} is thrown.
+     * <p>
+     * The {@link Sasl} class includes several well-known property names
+     * (For example, {@link Sasl#QOP}). A SASL provider can support other
+     * properties which are specific to the vendor and/or a mechanism.
      *
      * @param propName The non-null property name.
      * @return The value of the negotiated property. If null, the property was
--- a/src/share/classes/javax/security/sasl/SaslServer.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/javax/security/sasl/SaslServer.java	Wed Jul 16 15:12:24 2014 -0700
@@ -196,6 +196,10 @@
      * This method can be called only after the authentication exchange has
      * completed (i.e., when {@code isComplete()} returns true); otherwise, an
      * {@code IllegalStateException} is thrown.
+     * <p>
+     * The {@link Sasl} class includes several well-known property names
+     * (For example, {@link Sasl#QOP}). A SASL provider can support other
+     * properties which are specific to the vendor and/or a mechanism.
      *
      * @param propName the property
      * @return The value of the negotiated property. If null, the property was
--- a/src/share/classes/javax/swing/filechooser/FileSystemView.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/javax/swing/filechooser/FileSystemView.java	Wed Jul 16 15:12:24 2014 -0700
@@ -739,7 +739,8 @@
      * @return the Desktop folder.
      */
     public File getHomeDirectory() {
-        return getRoots()[0];
+        File[] roots = getRoots();
+        return (roots.length == 0) ? null : roots[0];
     }
 
     /**
--- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java	Wed Jul 16 15:12:24 2014 -0700
@@ -221,8 +221,17 @@
         }
 
         OutputStream os = new UnsyncBufferedOutputStream(bos);
+
+        DOMSubTreeData subTree = new DOMSubTreeData(localSiElem, true);
         try {
-            os.close();
+            ((DOMCanonicalizationMethod)
+                canonicalizationMethod).canonicalize(subTree, context, os);
+        } catch (TransformException te) {
+            throw new XMLSignatureException(te);
+        }
+
+        try {
+            os.flush();
         } catch (IOException e) {
             if (log.isLoggable(java.util.logging.Level.FINE)) {
                 log.log(java.util.logging.Level.FINE, e.getMessage(), e);
@@ -230,15 +239,6 @@
             // Impossible
         }
 
-        DOMSubTreeData subTree = new DOMSubTreeData(localSiElem, true);
-
-        try {
-            ((DOMCanonicalizationMethod)
-                canonicalizationMethod).canonicalize(subTree, context, bos);
-        } catch (TransformException te) {
-            throw new XMLSignatureException(te);
-        }
-
         byte[] signedInfoBytes = bos.toByteArray();
 
         // this whole block should only be done if logging is enabled
@@ -253,6 +253,15 @@
         }
 
         this.canonData = new ByteArrayInputStream(signedInfoBytes);
+
+        try {
+            os.close();
+        } catch (IOException e) {
+            if (log.isLoggable(java.util.logging.Level.FINE)) {
+                log.log(java.util.logging.Level.FINE, e.getMessage(), e);
+            }
+            // Impossible
+        }
     }
 
     public void marshal(Node parent, String dsPrefix, DOMCryptoContext context)
--- a/src/share/classes/sun/awt/AppContext.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/awt/AppContext.java	Wed Jul 16 15:12:24 2014 -0700
@@ -331,6 +331,20 @@
                     while (context == null) {
                         threadGroup = threadGroup.getParent();
                         if (threadGroup == null) {
+                            // We've got up to the root thread group and did not find an AppContext
+                            // Try to get it from the security manager
+                            SecurityManager securityManager = System.getSecurityManager();
+                            if (securityManager != null) {
+                                ThreadGroup smThreadGroup = securityManager.getThreadGroup();
+                                if (smThreadGroup != null) {
+                                    /*
+                                     * If we get this far then it's likely that
+                                     * the ThreadGroup does not actually belong
+                                     * to the applet, so do not cache it.
+                                     */
+                                    return threadGroup2appContext.get(smThreadGroup);
+                                }
+                            }
                             return null;
                         }
                         context = threadGroup2appContext.get(threadGroup);
--- a/src/share/classes/sun/jvmstat/monitor/event/MonitorStatusChangeEvent.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/monitor/event/MonitorStatusChangeEvent.java	Wed Jul 16 15:12:24 2014 -0700
@@ -27,6 +27,7 @@
 
 import java.util.List;
 import sun.jvmstat.monitor.MonitoredVm;
+import sun.jvmstat.monitor.Monitor;
 
 /**
  * Provides a description of a change in status of the instrumentation
@@ -42,13 +43,13 @@
      * List of instrumentation objects inserted since the last event.
      * Elements of this list will always be of type Monitor.
      */
-    protected List inserted;
+    protected List<Monitor> inserted;
 
     /**
      * List of instrumentation objects removed since the last event.
      * Elements of this list will always be of type Monitor.
      */
-    protected List removed;
+    protected List<Monitor> removed;
 
     /**
      * Construct a new MonitorStatusChangeEvent.
@@ -59,8 +60,8 @@
      * @param removed the list of instrumentation objects removed since
      *                the last event.
      */
-    public MonitorStatusChangeEvent(MonitoredVm vm, List inserted,
-                                    List removed) {
+    public MonitorStatusChangeEvent(MonitoredVm vm, List<Monitor> inserted,
+                                    List<Monitor> removed) {
         super(vm);
         this.inserted = inserted;
         this.removed = removed;
@@ -75,7 +76,7 @@
      *                new instrumentation was inserted, an emply List is
      *                returned.
      */
-    public List getInserted() {
+    public List<Monitor> getInserted() {
         return inserted;
     }
 
@@ -87,7 +88,7 @@
      *                instrumentation exported by the MonitoredHost. If no
      *                instrumentation was removed, an emply List is returned.
      */
-    public List getRemoved() {
+    public List<Monitor> getRemoved() {
         return removed;
     }
 }
--- a/src/share/classes/sun/jvmstat/monitor/event/VmStatusChangeEvent.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/monitor/event/VmStatusChangeEvent.java	Wed Jul 16 15:12:24 2014 -0700
@@ -44,7 +44,7 @@
      * active Java Virtual Machine on the MonitoredHost. This Set will only
      * contain Integer objects.
      */
-    protected Set active;
+    protected Set<Integer> active;
 
     /**
      * The set of Java Virtual Machines started on MonitoredHost since the
@@ -52,7 +52,7 @@
      * <em>lvmid</em> for each Java Virtual Machine started on the
      * MonitoredHost. This Set will only contain Integer objects.
      */
-    protected Set started;
+    protected Set<Integer> started;
 
     /**
      * The set of Java Virtual Machines terminated on MonitoredHost since the
@@ -60,7 +60,7 @@
      * <em>lvmid</em> for each Java Virtual Machine started on the
      * MonitoredHost. This Set will only contain Integer objects.
      */
-    protected Set terminated;
+    protected Set<Integer> terminated;
 
     /**
      * Construct a new VmStatusChangeEvent instance.
@@ -72,8 +72,8 @@
      * @param terminated the set of Java Virtual Machines terminated since
      *                   the last event.
      */
-    public VmStatusChangeEvent(MonitoredHost host, Set active,
-                               Set started, Set terminated) {
+    public VmStatusChangeEvent(MonitoredHost host, Set<Integer> active,
+                               Set<Integer> started, Set<Integer> terminated) {
         super(host);
         this.active = active;
         this.started = started;
@@ -90,7 +90,7 @@
      *               there are no active Java Virtual Machines on the host,
      *               an empty Set is returned.
      */
-    public Set getActive() {
+    public Set<Integer> getActive() {
         return active;
     }
 
@@ -105,7 +105,7 @@
      *               no Java Virtual Machines were recently started on the
      *               host, an empty Set is returned.
      */
-    public Set getStarted() {
+    public Set<Integer> getStarted() {
         return started;
     }
 
@@ -120,7 +120,7 @@
      *               no Java Virtual Machines were recently terminated on the
      *               host, an empty Set is returned.
      */
-    public Set getTerminated() {
+    public Set<Integer> getTerminated() {
         return terminated;
     }
 }
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/AbstractPerfDataBuffer.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/AbstractPerfDataBuffer.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -169,13 +169,13 @@
 
         try {
             Class<?> implClass = Class.forName(classname);
-            Constructor cons = implClass.getConstructor(new Class[] {
+            Constructor<?> cons = implClass.getConstructor(new Class<?>[] {
                     Class.forName("java.nio.ByteBuffer"),
                     Integer.TYPE
             });
 
             impl = (PerfDataBufferImpl)cons.newInstance(new Object[] {
-                     bb, new Integer(lvmid)
+                     bb, lvmid
             });
 
         } catch (ClassNotFoundException e) {
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/MonitorStatus.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/MonitorStatus.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
 package sun.jvmstat.perfdata.monitor;
 
 import java.util.List;
+import sun.jvmstat.monitor.Monitor;
 
 /**
  * Immutable class containing the list of inserted and deleted
@@ -39,12 +40,12 @@
     /**
      * The list of Monitors inserted since the last query.
      */
-    protected List inserted;
+    protected List<Monitor> inserted;
 
     /**
      * The list of Monitors removed since the last query.
      */
-    protected List removed;
+    protected List<Monitor> removed;
 
     /**
      * Create a MonitorStatus instance.
@@ -52,7 +53,7 @@
      * @param inserted the list of Monitors inserted
      * @param removed the list of Monitors removed
      */
-    public MonitorStatus(List inserted, List removed) {
+    public MonitorStatus(List<Monitor> inserted, List<Monitor> removed) {
         this.inserted = inserted;
         this.removed = removed;
     }
@@ -62,7 +63,7 @@
      *
      * @return List - the List of Monitor objects inserted or an empty List.
      */
-    public List getInserted() {
+    public List<Monitor> getInserted() {
         return inserted;
     }
 
@@ -71,7 +72,7 @@
      *
      * @return List - the List of Monitor objects removed or an empty List.
      */
-    public List getRemoved() {
+    public List<Monitor> getRemoved() {
         return removed;
     }
 }
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/PerfDataBufferImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/PerfDataBufferImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -66,7 +66,7 @@
     /**
      * A cache of resolved monitor aliases.
      */
-    protected Map aliasCache;
+    protected Map<String, Monitor> aliasCache;
 
 
     /**
@@ -79,9 +79,9 @@
     protected PerfDataBufferImpl(ByteBuffer buffer, int lvmid) {
         this.buffer = buffer;
         this.lvmid = lvmid;
-        this.monitors = new TreeMap<String, Monitor>();
-        this.aliasMap = new HashMap<String, ArrayList<String>>();
-        this.aliasCache = new HashMap();
+        this.monitors = new TreeMap<>();
+        this.aliasMap = new HashMap<>();
+        this.aliasCache = new HashMap<>();
     }
 
     /**
@@ -200,12 +200,12 @@
     protected Monitor findByAlias(String name) {
         assert Thread.holdsLock(this);
 
-        Monitor  m = (Monitor)aliasCache.get(name);
+        Monitor  m = aliasCache.get(name);
         if (m == null) {
-            ArrayList al = aliasMap.get(name);
+            ArrayList<String> al = aliasMap.get(name);
             if (al != null) {
-                for (Iterator i = al.iterator(); i.hasNext() && m == null; ) {
-                    String alias = (String)i.next();
+                for (Iterator<String> i = al.iterator(); i.hasNext() && m == null; ) {
+                    String alias = i.next();
                     m = monitors.get(alias);
                 }
             }
@@ -287,21 +287,21 @@
 
         Pattern pattern = Pattern.compile(patternString);
         Matcher matcher = pattern.matcher("");
-        List<Monitor> matches = new ArrayList<Monitor>();
+        List<Monitor> matches = new ArrayList<>();
 
-        Set monitorSet = monitors.entrySet();
+        Set<Map.Entry<String,Monitor>> monitorSet = monitors.entrySet();
 
-        for (Iterator i = monitorSet.iterator(); i.hasNext(); /* empty */) {
-            Map.Entry me = (Map.Entry)i.next();
-            String name = (String)me.getKey();
-            Monitor m = (Monitor)me.getValue();
+        for (Iterator<Map.Entry<String, Monitor>> i = monitorSet.iterator(); i.hasNext(); /* empty */) {
+            Map.Entry<String, Monitor> me = i.next();
+            String name = me.getKey();
+            Monitor m = me.getValue();
 
             // apply pattern to monitor item name
             matcher.reset(name);
 
             // if the pattern matches, then add monitor to list
             if (matcher.lookingAt()) {
-                 matches.add((Monitor)me.getValue());
+                 matches.add(me.getValue());
             }
         }
         return matches;
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/PerfIntegerMonitor.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/PerfIntegerMonitor.java	Wed Jul 16 15:12:24 2014 -0700
@@ -67,7 +67,7 @@
      *                   return type is guaranteed to be of type Integer.
      */
     public Object getValue() {
-        return new Integer(ib.get(0));
+        return ib.get(0);
     }
 
     /**
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/LocalMonitoredVm.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/LocalMonitoredVm.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -143,16 +143,17 @@
      * @param inserted List of Monitor objects inserted.
      * @param removed List of Monitor objects removed.
      */
-    void fireMonitorStatusChangedEvents(List inserted, List removed) {
+    @SuppressWarnings("unchecked") // Cast of result of clone
+    void fireMonitorStatusChangedEvents(List<Monitor> inserted, List<Monitor> removed) {
         MonitorStatusChangeEvent ev = null;
-        ArrayList registered = null;
+        ArrayList<VmListener> registered = null;
 
         synchronized (listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            VmListener l = (VmListener)i.next();
+        for (Iterator<VmListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            VmListener l = i.next();
             // lazily create the event object;
             if (ev == null) {
                 ev = new MonitorStatusChangeEvent(this, inserted, removed);
@@ -190,8 +191,8 @@
             super.run();
             try {
                 MonitorStatus status = getMonitorStatus();
-                List inserted = status.getInserted();
-                List removed = status.getRemoved();
+                List<Monitor> inserted = status.getInserted();
+                List<Monitor> removed = status.getRemoved();
 
                 if (!inserted.isEmpty() || !removed.isEmpty()) {
                     fireMonitorStatusChangedEvents(inserted, removed);
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/LocalVmManager.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/LocalVmManager.java	Wed Jul 16 15:12:24 2014 -0700
@@ -156,8 +156,8 @@
                 if (files != null) {
                     for (int j = 0; j < files.length; j++) {
                         if (files[j].isFile() && files[j].canRead()) {
-                            jvmSet.add(new Integer(
-                                    PerfDataFile.getLocalVmId(files[j])));
+                            jvmSet.add(
+                                    PerfDataFile.getLocalVmId(files[j]));
                         }
                     }
                 }
@@ -175,8 +175,8 @@
             if (files != null) {
                 for (int j = 0; j < files.length; j++) {
                     if (files[j].isFile() && files[j].canRead()) {
-                        jvmSet.add(new Integer(
-                                PerfDataFile.getLocalVmId(files[j])));
+                        jvmSet.add(
+                                PerfDataFile.getLocalVmId(files[j]));
                     }
                 }
             }
@@ -187,8 +187,8 @@
         if (files != null) {
             for (int j = 0; j < files.length; j++) {
                 if (files[j].isFile() && files[j].canRead()) {
-                    jvmSet.add(new Integer(
-                            PerfDataFile.getLocalVmId(files[j])));
+                    jvmSet.add(
+                            PerfDataFile.getLocalVmId(files[j]));
                 }
             }
         }
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/MonitoredHostProvider.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/MonitoredHostProvider.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -160,17 +160,18 @@
      * @param terminated a set of Integer objects containing the vmid of
      *                   terminated Vms since last interval.
      */
-    private void fireVmStatusChangedEvents(Set active, Set started,
-                                           Set terminated) {
-        ArrayList registered = null;
+    @SuppressWarnings("unchecked") // Cast of result of clone
+    private void fireVmStatusChangedEvents(Set<Integer> active, Set<Integer> started,
+                                           Set<Integer> terminated) {
+        ArrayList<HostListener> registered = null;
         VmStatusChangeEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            HostListener l = (HostListener)i.next();
+        for (Iterator<HostListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            HostListener l = i.next();
             if (ev == null) {
                 ev = new VmStatusChangeEvent(this, active, started, terminated);
             }
@@ -186,7 +187,7 @@
             super.run();
 
             // save the last set of active JVMs
-            Set lastActiveVms = activeVms;
+            Set<Integer> lastActiveVms = activeVms;
 
             // get the current set of active JVMs
             activeVms = (HashSet<Integer>)vmManager.activeVms();
@@ -194,20 +195,20 @@
             if (activeVms.isEmpty()) {
                 return;
             }
-            Set<Integer> startedVms = new HashSet<Integer>();
-            Set<Object> terminatedVms = new HashSet<Object>();
+            Set<Integer> startedVms = new HashSet<>();
+            Set<Integer> terminatedVms = new HashSet<>();
 
-            for (Iterator i = activeVms.iterator(); i.hasNext(); /* empty */) {
-                Integer vmid = (Integer)i.next();
+            for (Iterator<Integer> i = activeVms.iterator(); i.hasNext(); /* empty */) {
+                Integer vmid = i.next();
                 if (!lastActiveVms.contains(vmid)) {
                     // a new file has been detected, add to set
                     startedVms.add(vmid);
                 }
             }
 
-            for (Iterator i = lastActiveVms.iterator(); i.hasNext();
+            for (Iterator<Integer> i = lastActiveVms.iterator(); i.hasNext();
                     /* empty */) {
-                Object o = i.next();
+                Integer o = i.next();
                 if (!activeVms.contains(o)) {
                     // JVM has terminated, remove it from the active list
                     terminatedVms.add(o);
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/MonitoredHostProvider.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/MonitoredHostProvider.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -246,17 +246,18 @@
      *                   Vm Identifiers of terminated JVMs since last
      *                   interval.
      */
-    private void fireVmStatusChangedEvents(Set active, Set started,
-                                           Set terminated) {
-        ArrayList registered = null;
+    @SuppressWarnings("unchecked") // Cast of result of clone
+    private void fireVmStatusChangedEvents(Set<Integer> active, Set<Integer> started,
+                                           Set<Integer> terminated) {
+        ArrayList<HostListener> registered = null;
         VmStatusChangeEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            HostListener l = (HostListener)i.next();
+        for (Iterator<HostListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            HostListener l = i.next();
             if (ev == null) {
                 ev = new VmStatusChangeEvent(this, active, started, terminated);
             }
@@ -267,16 +268,17 @@
     /**
      * Fire hostDisconnectEvent events.
      */
+    @SuppressWarnings("unchecked") // Cast of result of clone
     void fireDisconnectedEvents() {
-        ArrayList registered = null;
+        ArrayList<HostListener> registered = null;
         HostEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            HostListener l = (HostListener)i.next();
+        for (Iterator<HostListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            HostListener l = i.next();
             if (ev == null) {
                 ev = new HostEvent(this);
             }
@@ -292,7 +294,7 @@
             super.run();
 
             // save the last set of active JVMs
-            Set lastActiveVms = activeVms;
+            Set<Integer> lastActiveVms = activeVms;
 
             try {
                 // get the current set of active JVMs
@@ -313,20 +315,20 @@
                 return;
             }
 
-            Set<Integer> startedVms = new HashSet<Integer>();
-            Set<Object> terminatedVms = new HashSet<Object>();
+            Set<Integer> startedVms = new HashSet<>();
+            Set<Integer> terminatedVms = new HashSet<>();
 
-            for (Iterator i = activeVms.iterator(); i.hasNext(); /* empty */ ) {
-                Integer vmid = (Integer)i.next();
+            for (Iterator<Integer> i = activeVms.iterator(); i.hasNext(); /* empty */ ) {
+                Integer vmid = i.next();
                 if (!lastActiveVms.contains(vmid)) {
                     // a new file has been detected, add to set
                     startedVms.add(vmid);
                 }
             }
 
-            for (Iterator i = lastActiveVms.iterator(); i.hasNext();
+            for (Iterator<Integer> i = lastActiveVms.iterator(); i.hasNext();
                     /* empty */ ) {
-                Object o = i.next();
+                Integer o = i.next();
                 if (!activeVms.contains(o)) {
                     // JVM has terminated, remove it from the active list
                     terminatedVms.add(o);
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/RemoteMonitoredVm.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/RemoteMonitoredVm.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -198,16 +198,17 @@
      * @param inserted List of Monitor objects inserted.
      * @param removed List of Monitor objects removed.
      */
-    void fireMonitorStatusChangedEvents(List inserted, List removed) {
-        ArrayList registered = null;
+    @SuppressWarnings("unchecked") // Cast of result of clone
+    void fireMonitorStatusChangedEvents(List<Monitor> inserted, List<Monitor> removed) {
+        ArrayList<VmListener> registered = null;
         MonitorStatusChangeEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            VmListener l = (VmListener)i.next();
+        for (Iterator<VmListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            VmListener l = i.next();
             if (ev == null) {
                 ev = new MonitorStatusChangeEvent(this, inserted, removed);
             }
@@ -218,16 +219,17 @@
     /**
      * Fire MonitoredVmStructureChanged events.
      */
+    @SuppressWarnings("unchecked") // Cast of result of clone
     void fireMonitorsUpdatedEvents() {
-        ArrayList registered = null;
+        ArrayList<VmListener> registered = null;
         VmEvent ev = null;
 
         synchronized(listeners) {
             registered = (ArrayList)listeners.clone();
         }
 
-        for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) {
-            VmListener l = (VmListener)i.next();
+        for (Iterator<VmListener> i = registered.iterator(); i.hasNext(); /* empty */) {
+            VmListener l = i.next();
             if (ev == null) {
                 ev = new VmEvent(this);
             }
@@ -256,8 +258,8 @@
             try {
                 MonitorStatus status = getMonitorStatus();
 
-                List inserted = status.getInserted();
-                List removed = status.getRemoved();
+                List<Monitor> inserted = status.getInserted();
+                List<Monitor> removed = status.getRemoved();
 
                 if (!inserted.isEmpty() || !removed.isEmpty()) {
                     fireMonitorStatusChangedEvents(inserted, removed);
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/RemoteVmManager.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/RemoteVmManager.java	Wed Jul 16 15:12:24 2014 -0700
@@ -106,7 +106,7 @@
         Set<Integer> activeSet = new HashSet<Integer>(active.length);
 
         for (int i = 0; i < active.length; i++) {
-            activeSet.add(new Integer(active[i]));
+            activeSet.add(active[i]);
         }
 
         return activeSet;
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/v1_0/PerfDataBuffer.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/v1_0/PerfDataBuffer.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -47,7 +47,7 @@
     private static final boolean DEBUG = false;
     private static final int syncWaitMs =
             Integer.getInteger("sun.jvmstat.perdata.syncWaitMs", 5000);
-    private static final ArrayList EMPTY_LIST = new ArrayList(0);
+    private static final ArrayList<Monitor> EMPTY_LIST = new ArrayList<Monitor>(0);
 
     /*
      * the following constants must be kept in sync with struct
@@ -190,8 +190,8 @@
         getNewMonitors(map);
 
         // current implementation doesn't support deletion or reuse of entries
-        ArrayList removed = EMPTY_LIST;
-        ArrayList inserted = insertedMonitors;
+        ArrayList<Monitor> removed = EMPTY_LIST;
+        ArrayList<Monitor> inserted = insertedMonitors;
 
         insertedMonitors = new ArrayList<Monitor>();
         return new MonitorStatus(inserted, removed);
@@ -618,14 +618,14 @@
     /**
      * Method to dump debugging information
      */
-    private void dumpAll(Map map, int lvmid) {
+    private void dumpAll(Map<String, Monitor> map, int lvmid) {
         if (DEBUG) {
-            Set keys = map.keySet();
+            Set<String> keys = map.keySet();
 
             System.err.println("Dump for " + lvmid);
             int j = 0;
-            for (Iterator i = keys.iterator(); i.hasNext(); j++) {
-                Monitor monitor = (Monitor)map.get(i.next());
+            for (Iterator<String> i = keys.iterator(); i.hasNext(); j++) {
+                Monitor monitor = map.get(i.next());
                 System.err.println(j + "\t" + monitor.getName()
                                    + "=" + monitor.getValue());
             }
--- a/src/share/classes/sun/jvmstat/perfdata/monitor/v2_0/PerfDataBuffer.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/jvmstat/perfdata/monitor/v2_0/PerfDataBuffer.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -65,7 +65,7 @@
     private static final boolean DEBUG = false;
     private static final int syncWaitMs =
             Integer.getInteger("sun.jvmstat.perdata.syncWaitMs", 5000);
-    private static final ArrayList EMPTY_LIST = new ArrayList(0);
+    private static final ArrayList<Monitor> EMPTY_LIST = new ArrayList<>(0);
 
     /*
      * These are primarily for documentary purposes and the match up
@@ -198,10 +198,10 @@
         getNewMonitors(map);
 
         // current implementation doesn't support deletion of reuse of entries
-        ArrayList removed = EMPTY_LIST;
-        ArrayList inserted = insertedMonitors;
+        ArrayList<Monitor> removed = EMPTY_LIST;
+        ArrayList<Monitor> inserted = insertedMonitors;
 
-        insertedMonitors = new ArrayList<Monitor>();
+        insertedMonitors = new ArrayList<>();
         return new MonitorStatus(inserted, removed);
     }
 
@@ -524,7 +524,7 @@
 
             System.err.println("Dump for " + lvmid);
             int j = 0;
-            for (Iterator i = keys.iterator(); i.hasNext(); j++) {
+            for (Iterator<String> i = keys.iterator(); i.hasNext(); j++) {
                 Monitor monitor = map.get(i.next());
                 System.err.println(j + "\t" + monitor.getName()
                                    + "=" + monitor.getValue());
--- a/src/share/classes/sun/management/DiagnosticCommandImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/DiagnosticCommandImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -84,10 +84,10 @@
             Exception cause = null;
             if (info.getPermissionClass() != null) {
                 try {
-                    Class c = Class.forName(info.getPermissionClass());
+                    Class<?> c = Class.forName(info.getPermissionClass());
                     if (info.getPermissionAction() == null) {
                         try {
-                            Constructor constructor = c.getConstructor(String.class);
+                            Constructor<?> constructor = c.getConstructor(String.class);
                             permission = (Permission) constructor.newInstance(info.getPermissionName());
 
                         } catch (InstantiationException | IllegalAccessException
@@ -98,7 +98,7 @@
                     }
                     if (permission == null) {
                         try {
-                            Constructor constructor = c.getConstructor(String.class, String.class);
+                            Constructor<?> constructor = c.getConstructor(String.class, String.class);
                             permission = (Permission) constructor.newInstance(
                                     info.getPermissionName(),
                                     info.getPermissionAction());
@@ -158,7 +158,7 @@
         SortedSet<MBeanOperationInfo> operations = new TreeSet<>(new OperationInfoComparator());
         Map<String, Wrapper> wrappersmap;
         if (!isSupported) {
-            wrappersmap = (Map<String, Wrapper>) Collections.EMPTY_MAP;
+            wrappersmap = Collections.emptyMap();
         } else {
             try {
                 String[] command = getDiagnosticCommands();
@@ -189,7 +189,7 @@
                     }
                 }
             } catch (IllegalArgumentException | UnsupportedOperationException e) {
-                wrappersmap = (Map<String, Wrapper>) Collections.EMPTY_MAP;
+                wrappersmap = Collections.emptyMap();
             }
         }
         wrappers =  Collections.unmodifiableMap(wrappersmap);
--- a/src/share/classes/sun/management/GarbageCollectionNotifInfoCompositeData.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/GarbageCollectionNotifInfoCompositeData.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -65,7 +65,7 @@
         final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
                 public GcInfoBuilder run() {
                     try {
-                        Class cl = Class.forName("com.sun.management.GcInfo");
+                        Class<?> cl = Class.forName("com.sun.management.GcInfo");
                         Field f = cl.getDeclaredField("builder");
                         f.setAccessible(true);
                         return (GcInfoBuilder)f.get(gcNotifInfo.getGcInfo());
--- a/src/share/classes/sun/management/GcInfoBuilder.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/GcInfoBuilder.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -98,7 +98,7 @@
 
         // First, fill with the attributes in the GcInfo
         String[] gcInfoItemNames = GcInfoCompositeData.getBaseGcInfoItemNames();
-        OpenType[] gcInfoItemTypes = GcInfoCompositeData.getBaseGcInfoItemTypes();
+        OpenType<?>[] gcInfoItemTypes = GcInfoCompositeData.getBaseGcInfoItemTypes();
         int numGcInfoItems = gcInfoItemNames.length;
 
         int itemCount = numGcInfoItems + gcExtItemCount;
--- a/src/share/classes/sun/management/GcInfoCompositeData.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/GcInfoCompositeData.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -72,7 +72,7 @@
         final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() {
                         public GcInfoBuilder run() {
                             try {
-                                Class cl = Class.forName("com.sun.management.GcInfo");
+                                Class<?> cl = Class.forName("com.sun.management.GcInfo");
                                 Field f = cl.getDeclaredField("builder");
                                 f.setAccessible(true);
                                 return (GcInfoBuilder)f.get(info);
@@ -84,7 +84,7 @@
         final Object[] extAttr = AccessController.doPrivileged (new PrivilegedAction<Object[]>() {
                         public Object[] run() {
                             try {
-                                Class cl = Class.forName("com.sun.management.GcInfo");
+                                Class<?> cl = Class.forName("com.sun.management.GcInfo");
                                 Field f = cl.getDeclaredField("extAttributes");
                                 f.setAccessible(true);
                                 return (Object[])f.get(info);
@@ -182,8 +182,8 @@
         return baseGcInfoItemNames;
     }
 
-    private static OpenType[] baseGcInfoItemTypes = null;
-    static synchronized OpenType[] getBaseGcInfoItemTypes() {
+    private static OpenType<?>[] baseGcInfoItemTypes = null;
+    static synchronized OpenType<?>[] getBaseGcInfoItemTypes() {
         if (baseGcInfoItemTypes == null) {
             OpenType<?> memoryUsageOpenType = memoryUsageMapType.getOpenType();
             baseGcInfoItemTypes = new OpenType<?>[] {
--- a/src/share/classes/sun/management/LockInfoCompositeData.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/LockInfoCompositeData.java	Wed Jul 16 15:12:24 2014 -0700
@@ -61,7 +61,7 @@
         // lockInfoItemNames!
         final Object[] lockInfoItemValues = {
             new String(lock.getClassName()),
-            new Integer(lock.getIdentityHashCode()),
+            lock.getIdentityHashCode(),
         };
 
         try {
--- a/src/share/classes/sun/management/MappedMXBeanType.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/MappedMXBeanType.java	Wed Jul 16 15:12:24 2014 -0700
@@ -227,6 +227,7 @@
     //   Enum <-> enum's name
     //
     static class EnumMXBeanType extends MappedMXBeanType {
+        @SuppressWarnings("rawtypes")
         final Class enumClass;
         EnumMXBeanType(Class<?> c) {
             this.enumClass = c;
@@ -754,7 +755,7 @@
         }
     }
 
-    private static class InProgress extends OpenType {
+    private static class InProgress<T> extends OpenType<T> {
         private static final String description =
                   "Marker to detect recursive type use -- internal use only!";
 
@@ -783,7 +784,7 @@
     static {
         OpenType<?> t;
         try {
-            t = new InProgress();
+            t = new InProgress<>();
         } catch (OpenDataException e) {
             // Should not reach here
             throw new AssertionError(e);
@@ -791,7 +792,7 @@
         inProgress = t;
     }
 
-    private static final OpenType[] simpleTypes = {
+    private static final OpenType<?>[] simpleTypes = {
         BIGDECIMAL, BIGINTEGER, BOOLEAN, BYTE, CHARACTER, DATE,
         DOUBLE, FLOAT, INTEGER, LONG, OBJECTNAME, SHORT, STRING,
         VOID,
--- a/src/share/classes/sun/management/MonitorInfoCompositeData.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/MonitorInfoCompositeData.java	Wed Jul 16 15:12:24 2014 -0700
@@ -69,7 +69,7 @@
                                                toCompositeData(ste)
                                          : null);
             } else if (item.equals(LOCKED_STACK_DEPTH)) {
-                values[i] = new Integer(lock.getLockedStackDepth());
+                values[i] = lock.getLockedStackDepth();
             } else {
                 values[i] = li.get(item);
             }
--- a/src/share/classes/sun/management/StackTraceElementCompositeData.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/StackTraceElementCompositeData.java	Wed Jul 16 15:12:24 2014 -0700
@@ -67,7 +67,7 @@
             ste.getClassName(),
             ste.getMethodName(),
             ste.getFileName(),
-            new Integer(ste.getLineNumber()),
+            ste.getLineNumber(),
             ste.isNativeMethod(),
         };
         try {
--- a/src/share/classes/sun/management/jdp/JdpController.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/jdp/JdpController.java	Wed Jul 16 15:12:24 2014 -0700
@@ -204,7 +204,7 @@
         packet.setRmiHostname(rmiHostname);
 
         // Set broadcast interval
-        packet.setBroadcastInterval(new Integer(pause).toString());
+        packet.setBroadcastInterval(Integer.toString(pause));
 
         // Set process id
         Integer pid = getProcessId();
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmMemGCEntryImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmMemGCEntryImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -85,7 +85,7 @@
      * Getter for the "JvmMemManagerIndex" variable.
      */
     public Integer getJvmMemManagerIndex() throws SnmpStatusException {
-        return new Integer(JvmMemManagerIndex);
+        return JvmMemManagerIndex;
     }
 
 }
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmMemManagerEntryImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmMemManagerEntryImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -79,7 +79,7 @@
      * Getter for the "JvmMemManagerIndex" variable.
      */
     public Integer getJvmMemManagerIndex() throws SnmpStatusException {
-        return new Integer(JvmMemManagerIndex);
+        return JvmMemManagerIndex;
     }
 
     /**
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmMemMgrPoolRelEntryImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmMemMgrPoolRelEntryImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -92,14 +92,14 @@
      * Getter for the "JvmMemManagerIndex" variable.
      */
     public Integer getJvmMemManagerIndex() throws SnmpStatusException {
-        return new Integer(JvmMemManagerIndex);
+        return JvmMemManagerIndex;
     }
 
     /**
      * Getter for the "JvmMemPoolIndex" variable.
      */
     public Integer getJvmMemPoolIndex() throws SnmpStatusException {
-        return new Integer(JvmMemPoolIndex);
+        return JvmMemPoolIndex;
     }
 
 }
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmMemPoolEntryImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmMemPoolEntryImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -430,7 +430,7 @@
      * Getter for the "JvmMemPoolIndex" variable.
      */
     public Integer getJvmMemPoolIndex() throws SnmpStatusException {
-        return new Integer(jvmMemPoolIndex);
+        return jvmMemPoolIndex;
     }
 
 
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmOSImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmOSImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -82,7 +82,7 @@
      * Getter for the "JvmRTProcessorCount" variable.
      */
     public Integer getJvmOSProcessorCount() throws SnmpStatusException {
-        return new Integer(getOSMBean().getAvailableProcessors());
+        return getOSMBean().getAvailableProcessors();
 
     }
 
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmRTBootClassPathEntryImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmRTBootClassPathEntryImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -72,7 +72,7 @@
      * Getter for the "JvmRTBootClassPathIndex" variable.
      */
     public Integer getJvmRTBootClassPathIndex() throws SnmpStatusException {
-        return new Integer(index);
+        return index;
     }
 
 }
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmRTClassPathEntryImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmRTClassPathEntryImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -71,7 +71,7 @@
      * Getter for the "JvmRTClassPathIndex" variable.
      */
     public Integer getJvmRTClassPathIndex() throws SnmpStatusException {
-        return new Integer(index);
+        return index;
     }
 
 }
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmRTInputArgsEntryImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmRTInputArgsEntryImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -71,7 +71,7 @@
      * Getter for the "JvmRTInputArgsIndex" variable.
      */
     public Integer getJvmRTInputArgsIndex() throws SnmpStatusException {
-        return new Integer(index);
+        return index;
     }
 
 }
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmRTLibraryPathEntryImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmRTLibraryPathEntryImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -71,7 +71,7 @@
      * Getter for the "JvmRTLibraryPathIndex" variable.
      */
     public Integer getJvmRTLibraryPathIndex() throws SnmpStatusException {
-        return new Integer(index);
+        return index;
     }
 
 }
--- a/src/share/classes/sun/management/snmp/jvminstr/JvmRuntimeImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvminstr/JvmRuntimeImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -241,7 +241,7 @@
 
         final String[] args = getInputArguments(JvmContextFactory.
                                                 getUserData());
-        return new Integer(args.length);
+        return args.length;
     }
 
     /**
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmClassesVerboseLevel.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmClassesVerboseLevel.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,10 +49,10 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "verbose");
-        intTable.put(new Integer(1), "silent");
-        stringTable.put("verbose", new Integer(2));
-        stringTable.put("silent", new Integer(1));
+        intTable.put(2, "verbose");
+        intTable.put(1, "silent");
+        stringTable.put("verbose", 2);
+        stringTable.put("silent", 1);
     }
 
     public EnumJvmClassesVerboseLevel(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmJITCompilerTimeMonitoring.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmJITCompilerTimeMonitoring.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,10 +49,10 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "supported");
-        intTable.put(new Integer(1), "unsupported");
-        stringTable.put("supported", new Integer(2));
-        stringTable.put("unsupported", new Integer(1));
+        intTable.put(2, "supported");
+        intTable.put(1, "unsupported");
+        stringTable.put("supported", 2);
+        stringTable.put("unsupported", 1);
     }
 
     public EnumJvmJITCompilerTimeMonitoring(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemManagerState.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemManagerState.java	Wed Jul 16 15:12:24 2014 -0700
@@ -50,10 +50,10 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "valid");
-        intTable.put(new Integer(1), "invalid");
-        stringTable.put("valid", new Integer(2));
-        stringTable.put("invalid", new Integer(1));
+        intTable.put(2, "valid");
+        intTable.put(1, "invalid");
+        stringTable.put("valid", 2);
+        stringTable.put("invalid", 1);
     }
 
     public EnumJvmMemManagerState(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolCollectThreshdSupport.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolCollectThreshdSupport.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,10 +49,10 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "supported");
-        intTable.put(new Integer(1), "unsupported");
-        stringTable.put("supported", new Integer(2));
-        stringTable.put("unsupported", new Integer(1));
+        intTable.put(2, "supported");
+        intTable.put(1, "unsupported");
+        stringTable.put("supported", 2);
+        stringTable.put("unsupported", 1);
     }
 
     public EnumJvmMemPoolCollectThreshdSupport(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolState.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolState.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,10 +49,10 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "valid");
-        intTable.put(new Integer(1), "invalid");
-        stringTable.put("valid", new Integer(2));
-        stringTable.put("invalid", new Integer(1));
+        intTable.put(2, "valid");
+        intTable.put(1, "invalid");
+        stringTable.put("valid", 2);
+        stringTable.put("invalid", 1);
     }
 
     public EnumJvmMemPoolState(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolThreshdSupport.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolThreshdSupport.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,10 +49,10 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "supported");
-        intTable.put(new Integer(1), "unsupported");
-        stringTable.put("supported", new Integer(2));
-        stringTable.put("unsupported", new Integer(1));
+        intTable.put(2, "supported");
+        intTable.put(1, "unsupported");
+        stringTable.put("supported", 2);
+        stringTable.put("unsupported", 1);
     }
 
     public EnumJvmMemPoolThreshdSupport(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolType.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolType.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,10 +49,10 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "heap");
-        intTable.put(new Integer(1), "nonheap");
-        stringTable.put("heap", new Integer(2));
-        stringTable.put("nonheap", new Integer(1));
+        intTable.put(2, "heap");
+        intTable.put(1, "nonheap");
+        stringTable.put("heap", 2);
+        stringTable.put("nonheap", 1);
     }
 
     public EnumJvmMemPoolType(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemoryGCCall.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemoryGCCall.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,16 +49,16 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "supported");
-        intTable.put(new Integer(5), "failed");
-        intTable.put(new Integer(4), "started");
-        intTable.put(new Integer(1), "unsupported");
-        intTable.put(new Integer(3), "start");
-        stringTable.put("supported", new Integer(2));
-        stringTable.put("failed", new Integer(5));
-        stringTable.put("started", new Integer(4));
-        stringTable.put("unsupported", new Integer(1));
-        stringTable.put("start", new Integer(3));
+        intTable.put(2, "supported");
+        intTable.put(5, "failed");
+        intTable.put(4, "started");
+        intTable.put(1, "unsupported");
+        intTable.put(3, "start");
+        stringTable.put("supported", 2);
+        stringTable.put("failed", 5);
+        stringTable.put("started", 4);
+        stringTable.put("unsupported", 1);
+        stringTable.put("start", 3);
     }
 
     public EnumJvmMemoryGCCall(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemoryGCVerboseLevel.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmMemoryGCVerboseLevel.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,10 +49,10 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "verbose");
-        intTable.put(new Integer(1), "silent");
-        stringTable.put("verbose", new Integer(2));
-        stringTable.put("silent", new Integer(1));
+        intTable.put(2, "verbose");
+        intTable.put(1, "silent");
+        stringTable.put("verbose", 2);
+        stringTable.put("silent", 1);
     }
 
     public EnumJvmMemoryGCVerboseLevel(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmRTBootClassPathSupport.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmRTBootClassPathSupport.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,10 +49,10 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(2), "supported");
-        intTable.put(new Integer(1), "unsupported");
-        stringTable.put("supported", new Integer(2));
-        stringTable.put("unsupported", new Integer(1));
+        intTable.put(2, "supported");
+        intTable.put(1, "unsupported");
+        stringTable.put("supported", 2);
+        stringTable.put("unsupported", 1);
     }
 
     public EnumJvmRTBootClassPathSupport(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmThreadContentionMonitoring.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmThreadContentionMonitoring.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,12 +49,12 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(3), "enabled");
-        intTable.put(new Integer(4), "disabled");
-        intTable.put(new Integer(1), "unsupported");
-        stringTable.put("enabled", new Integer(3));
-        stringTable.put("disabled", new Integer(4));
-        stringTable.put("unsupported", new Integer(1));
+        intTable.put(3, "enabled");
+        intTable.put(4, "disabled");
+        intTable.put(1, "unsupported");
+        stringTable.put("enabled", 3);
+        stringTable.put("disabled", 4);
+        stringTable.put("unsupported", 1);
     }
 
     public EnumJvmThreadContentionMonitoring(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/management/snmp/jvmmib/EnumJvmThreadCpuTimeMonitoring.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/management/snmp/jvmmib/EnumJvmThreadCpuTimeMonitoring.java	Wed Jul 16 15:12:24 2014 -0700
@@ -49,12 +49,12 @@
     protected static Hashtable<String, Integer> stringTable =
             new Hashtable<>();
     static  {
-        intTable.put(new Integer(3), "enabled");
-        intTable.put(new Integer(4), "disabled");
-        intTable.put(new Integer(1), "unsupported");
-        stringTable.put("enabled", new Integer(3));
-        stringTable.put("disabled", new Integer(4));
-        stringTable.put("unsupported", new Integer(1));
+        intTable.put(3, "enabled");
+        intTable.put(4, "disabled");
+        intTable.put(1, "unsupported");
+        stringTable.put("enabled", 3);
+        stringTable.put("disabled", 4);
+        stringTable.put("unsupported", 1);
     }
 
     public EnumJvmThreadCpuTimeMonitoring(int valueIndex) throws IllegalArgumentException {
--- a/src/share/classes/sun/misc/ProxyGenerator.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/misc/ProxyGenerator.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1743,7 +1743,7 @@
          * Get or assign the index for a CONSTANT_Integer entry.
          */
         public short getInteger(int i) {
-            return getValue(new Integer(i));
+            return getValue(i);
         }
 
         /**
--- a/src/share/classes/sun/net/NetProperties.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/net/NetProperties.java	Wed Jul 16 15:12:24 2014 -0700
@@ -123,7 +123,7 @@
             } catch (NumberFormatException ex) {
             }
         }
-        return new Integer(defval);
+        return defval;
     }
 
     /**
--- a/src/share/classes/sun/nio/ch/Util.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/nio/ch/Util.java	Wed Jul 16 15:12:24 2014 -0700
@@ -328,7 +328,7 @@
             initDBBConstructor();
         try {
             dbb = (MappedByteBuffer)directByteBufferConstructor.newInstance(
-              new Object[] { new Integer(size),
+              new Object[] { size,
                              addr,
                              fd,
                              unmapper });
@@ -373,7 +373,7 @@
             initDBBRConstructor();
         try {
             dbb = (MappedByteBuffer)directByteBufferRConstructor.newInstance(
-              new Object[] { new Integer(size),
+              new Object[] { size,
                              addr,
                              fd,
                              unmapper });
--- a/src/share/classes/sun/rmi/rmic/RMIGenerator.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/rmi/rmic/RMIGenerator.java	Wed Jul 16 15:12:24 2014 -0700
@@ -63,9 +63,9 @@
 
     private static final Hashtable<String, Integer> versionOptions = new Hashtable<>();
     static {
-        versionOptions.put("-v1.1", new Integer(STUB_VERSION_1_1));
-        versionOptions.put("-vcompat", new Integer(STUB_VERSION_FAT));
-        versionOptions.put("-v1.2", new Integer(STUB_VERSION_1_2));
+        versionOptions.put("-v1.1", STUB_VERSION_1_1);
+        versionOptions.put("-vcompat", STUB_VERSION_FAT);
+        versionOptions.put("-v1.2", STUB_VERSION_1_2);
     }
 
     /**
--- a/src/share/classes/sun/security/action/GetIntegerAction.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/action/GetIntegerAction.java	Wed Jul 16 15:12:24 2014 -0700
@@ -107,7 +107,7 @@
     public Integer run() {
         Integer value = Integer.getInteger(theProp);
         if ((value == null) && defaultSet)
-            return new Integer(defaultVal);
+            return defaultVal;
         return value;
     }
 }
--- a/src/share/classes/sun/security/ec/ECKeyPairGenerator.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/ec/ECKeyPairGenerator.java	Wed Jul 16 15:12:24 2014 -0700
@@ -125,19 +125,18 @@
 
         try {
 
-            long[] handles = generateECKeyPair(keySize, encodedParams, seed);
+            Object[] keyBytes = generateECKeyPair(keySize, encodedParams, seed);
 
             // The 'params' object supplied above is equivalent to the native
             // one so there is no need to fetch it.
-
-            // handles[0] points to the native private key
-            BigInteger s = new BigInteger(1, getEncodedBytes(handles[0]));
+            // keyBytes[0] is the encoding of the native private key
+            BigInteger s = new BigInteger(1, (byte[])keyBytes[0]);
 
             PrivateKey privateKey =
                 new ECPrivateKeyImpl(s, (ECParameterSpec)params);
 
-            // handles[1] points to the native public key
-            ECPoint w = ECUtil.decodePoint(getEncodedBytes(handles[1]),
+            // keyBytes[1] is the encoding of the native public key
+            ECPoint w = ECUtil.decodePoint((byte[])keyBytes[1],
                 ((ECParameterSpec)params).getCurve());
             PublicKey publicKey =
                 new ECPublicKeyImpl(w, (ECParameterSpec)params);
@@ -162,14 +161,9 @@
     }
 
     /*
-     * Generates the keypair and returns a 2-element array of handles.
-     * The first handle points to the private key, the second to the public key.
+     * Generates the keypair and returns a 2-element array of encoding bytes.
+     * The first one is for the private key, the second for the public key.
      */
-    private static native long[] generateECKeyPair(int keySize,
+    private static native Object[] generateECKeyPair(int keySize,
         byte[] encodedParams, byte[] seed) throws GeneralSecurityException;
-
-    /*
-     * Extracts the encoded key data using the supplied handle.
-     */
-    private static native byte[] getEncodedBytes(long handle);
 }
--- a/src/share/classes/sun/security/jca/ProviderConfig.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/jca/ProviderConfig.java	Wed Jul 16 15:12:24 2014 -0700
@@ -255,6 +255,14 @@
                         disableLoad();
                     }
                     return null;
+                } catch (ExceptionInInitializerError err) {
+                    // no sufficient permission to initialize provider class
+                    if (debug != null) {
+                        debug.println("Error loading provider " + ProviderConfig.this);
+                        err.printStackTrace();
+                    }
+                    disableLoad();
+                    return null;
                 }
             }
         });
--- a/src/share/classes/sun/security/jgss/krb5/ServiceCreds.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/jgss/krb5/ServiceCreds.java	Wed Jul 16 15:12:24 2014 -0700
@@ -231,7 +231,7 @@
         for (int i=0; i<ekeys.length; i++) {
             ekeys[i] =  new EncryptionKey(
                         kkeys[i].getEncoded(), kkeys[i].getKeyType(),
-                        new Integer(kkeys[i].getVersionNumber()));
+                        kkeys[i].getVersionNumber());
         }
         return ekeys;
     }
--- a/src/share/classes/sun/security/krb5/EncryptedData.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/EncryptedData.java	Wed Jul 16 15:12:24 2014 -0700
@@ -87,7 +87,7 @@
         EncryptedData new_encryptedData = new EncryptedData();
         new_encryptedData.eType = eType;
         if (kvno != null) {
-            new_encryptedData.kvno = new Integer(kvno.intValue());
+            new_encryptedData.kvno = kvno.intValue();
         }
         if (cipher != null) {
             new_encryptedData.cipher = new byte[cipher.length];
@@ -241,7 +241,7 @@
         if ((encoding.getData().peekByte() & 0x1F) == 1) {
             der = encoding.getData().getDerValue();
             int i = (der.getData().getBigInteger()).intValue();
-            kvno = new Integer(i);
+            kvno = i;
         } else {
             kvno = null;
         }
--- a/src/share/classes/sun/security/krb5/KrbApRep.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/KrbApRep.java	Wed Jul 16 15:12:24 2014 -0700
@@ -180,7 +180,7 @@
         Integer seqno = null;
 
         if (seqNumber != null)
-            seqno = new Integer(seqNumber.current());
+            seqno = seqNumber.current();
 
         encPart = new EncAPRepPart(ctime,
                                    cusec,
--- a/src/share/classes/sun/security/krb5/KrbApReq.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/KrbApReq.java	Wed Jul 16 15:12:24 2014 -0700
@@ -485,7 +485,7 @@
         Integer seqno = null;
 
         if (seqNumber != null)
-            seqno = new Integer(seqNumber.current());
+            seqno = seqNumber.current();
 
         authenticator =
             new Authenticator(cname,
--- a/src/share/classes/sun/security/krb5/KrbPriv.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/KrbPriv.java	Wed Jul 16 15:12:24 2014 -0700
@@ -114,10 +114,10 @@
                                Integer seqno = null;
 
                                if (timestamp != null)
-                               usec = new Integer(timestamp.getMicroSeconds());
+                               usec = timestamp.getMicroSeconds();
 
                                if (seqNumber != null) {
-                                   seqno = new Integer(seqNumber.current());
+                                   seqno = seqNumber.current();
                                    seqNumber.step();
                                }
 
--- a/src/share/classes/sun/security/krb5/KrbSafe.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/KrbSafe.java	Wed Jul 16 15:12:24 2014 -0700
@@ -115,10 +115,10 @@
                                 Integer seqno = null;
 
                                 if (timestamp != null)
-                                usec = new Integer(timestamp.getMicroSeconds());
+                                usec = timestamp.getMicroSeconds();
 
                                 if (seqNumber != null) {
-                                    seqno = new Integer(seqNumber.current());
+                                    seqno = seqNumber.current();
                                     seqNumber.step();
                                 }
 
--- a/src/share/classes/sun/security/krb5/internal/Authenticator.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/Authenticator.java	Wed Jul 16 15:12:24 2014 -0700
@@ -149,7 +149,7 @@
             if ((der.getData().peekByte() & 0x1F) == 0x07) {
                 subDer = der.getData().getDerValue();
                 if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x07) {
-                    seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
+                    seqNumber = subDer.getData().getBigInteger().intValue();
                 }
             }
         } else {
--- a/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java	Wed Jul 16 15:12:24 2014 -0700
@@ -117,7 +117,7 @@
             if ((subDer.getTag() & 0x1F) != 0x03) {
                 throw new Asn1Exception(Krb5.ASN1_BAD_ID);
             }
-            seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
+            seqNumber = subDer.getData().getBigInteger().intValue();
         } else {
             seqNumber = null;
         }
--- a/src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java	Wed Jul 16 15:12:24 2014 -0700
@@ -140,7 +140,7 @@
         if (der.getData().available() > 0) {
             if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x01) {
                 subDer = der.getData().getDerValue();
-                nonce = new Integer(subDer.getData().getBigInteger().intValue());
+                nonce = subDer.getData().getBigInteger().intValue();
             }
         }
         if (der.getData().available() > 0) {
@@ -149,7 +149,7 @@
         if (der.getData().available() > 0) {
             if (((byte) (der.getData().peekByte()) & (byte) 0x1F) == (byte) 0x03) {
                 subDer = der.getData().getDerValue();
-                usec = new Integer(subDer.getData().getBigInteger().intValue());
+                usec = subDer.getData().getBigInteger().intValue();
             }
         }
         if (der.getData().available() > 0) {
--- a/src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java	Wed Jul 16 15:12:24 2014 -0700
@@ -115,13 +115,13 @@
         timestamp = KerberosTime.parse(der.getData(), (byte) 0x01, true);
         if ((der.getData().peekByte() & 0x1F) == 0x02) {
             subDer = der.getData().getDerValue();
-            usec = new Integer(subDer.getData().getBigInteger().intValue());
+            usec = subDer.getData().getBigInteger().intValue();
         } else {
             usec = null;
         }
         if ((der.getData().peekByte() & 0x1F) == 0x03) {
             subDer = der.getData().getDerValue();
-            seqNumber = new Integer(subDer.getData().getBigInteger().intValue());
+            seqNumber = subDer.getData().getBigInteger().intValue();
         } else {
             seqNumber = null;
         }
--- a/src/share/classes/sun/security/krb5/internal/KRBError.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/KRBError.java	Wed Jul 16 15:12:24 2014 -0700
@@ -335,13 +335,13 @@
         cTime = KerberosTime.parse(der.getData(), (byte)0x02, true);
         if ((der.getData().peekByte() & 0x1F) == 0x03) {
             subDer = der.getData().getDerValue();
-            cuSec = new Integer(subDer.getData().getBigInteger().intValue());
+            cuSec = subDer.getData().getBigInteger().intValue();
         }
         else cuSec = null;
         sTime = KerberosTime.parse(der.getData(), (byte)0x04, false);
         subDer = der.getData().getDerValue();
         if ((subDer.getTag() & (byte)0x1F) == (byte)0x05) {
-            suSec = new Integer (subDer.getData().getBigInteger().intValue());
+            suSec = subDer.getData().getBigInteger().intValue();
         }
         else  throw new Asn1Exception(Krb5.ASN1_BAD_ID);
         subDer = der.getData().getDerValue();
--- a/src/share/classes/sun/security/krb5/internal/KRBSafeBody.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/KRBSafeBody.java	Wed Jul 16 15:12:24 2014 -0700
@@ -104,11 +104,11 @@
         timestamp = KerberosTime.parse(encoding.getData(), (byte)0x01, true);
         if ((encoding.getData().peekByte() & 0x1F) == 0x02) {
             der = encoding.getData().getDerValue();
-            usec = new Integer(der.getData().getBigInteger().intValue());
+            usec = der.getData().getBigInteger().intValue();
         }
         if ((encoding.getData().peekByte() & 0x1F) == 0x03) {
             der = encoding.getData().getDerValue();
-            seqNumber = new Integer(der.getData().getBigInteger().intValue());
+            seqNumber = der.getData().getBigInteger().intValue();
         }
         sAddress = HostAddress.parse(encoding.getData(), (byte)0x04, false);
         if (encoding.getData().available() > 0)
--- a/src/share/classes/sun/security/krb5/internal/PAEncTSEnc.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/PAEncTSEnc.java	Wed Jul 16 15:12:24 2014 -0700
@@ -67,7 +67,7 @@
     public PAEncTSEnc() {
         KerberosTime now = KerberosTime.now();
         pATimeStamp = now;
-        pAUSec = new Integer(now.getMicroSeconds());
+        pAUSec = now.getMicroSeconds();
     }
 
     /**
@@ -85,7 +85,7 @@
         if (encoding.getData().available() > 0) {
             der = encoding.getData().getDerValue();
             if ((der.getTag() & 0x1F) == 0x01) {
-                pAUSec = new Integer(der.getData().getBigInteger().intValue());
+                pAUSec = der.getData().getBigInteger().intValue();
             }
             else throw new Asn1Exception(Krb5.ASN1_BAD_ID);
         }
--- a/src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java	Wed Jul 16 15:12:24 2014 -0700
@@ -94,8 +94,8 @@
             taglen = read(2);
             switch (tag) {
             case FCC_TAG_DELTATIME:
-                time_offset = new Integer(read(4));
-                usec_offset = new Integer(read(4));
+                time_offset = read(4);
+                usec_offset = read(4);
                 break;
             default:
             }
@@ -186,7 +186,7 @@
             read(2); /* keytype recorded twice in fvno 3 */
         keyLen = read(4);
         byte[] bytes = IOUtils.readFully(this, keyLen, true);
-        return new EncryptionKey(bytes, keyType, new Integer(version));
+        return new EncryptionKey(bytes, keyType, version);
     }
 
     long[] readTimes() throws IOException {
--- a/src/share/classes/sun/security/krb5/internal/ktab/KeyTab.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/ktab/KeyTab.java	Wed Jul 16 15:12:24 2014 -0700
@@ -297,7 +297,7 @@
                 if (EType.isSupported(entry.keyType)) {
                     key = new EncryptionKey(entry.keyblock,
                                         entry.keyType,
-                                        new Integer(entry.keyVersion));
+                                        entry.keyVersion);
                     keys.add(key);
                     if (DEBUG) {
                         System.out.println("Added key: " + entry.keyType +
--- a/src/share/classes/sun/security/krb5/internal/ktab/KeyTabEntry.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/krb5/internal/ktab/KeyTabEntry.java	Wed Jul 16 15:12:24 2014 -0700
@@ -68,7 +68,7 @@
     public EncryptionKey getKey() {
         EncryptionKey key = new EncryptionKey(keyblock,
                                               keyType,
-                                              new Integer(keyVersion));
+                                              keyVersion);
         return key;
     }
 
--- a/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -900,7 +900,7 @@
     private static ObjectIdentifier mapPBEAlgorithmToOID(String algorithm)
         throws NoSuchAlgorithmException {
         // Check for PBES2 algorithms
-        if (algorithm.toLowerCase().startsWith("pbewithhmacsha")) {
+        if (algorithm.toLowerCase(Locale.ENGLISH).startsWith("pbewithhmacsha")) {
             return pbes2_OID;
         }
         return AlgorithmId.get(algorithm).getOID();
--- a/src/share/classes/sun/security/provider/ConfigFile.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/provider/ConfigFile.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -451,7 +451,7 @@
 
                 // controlFlag (required, optional, etc)
                 LoginModuleControlFlag controlFlag;
-                String sflag = match("controlFlag").toUpperCase();
+                String sflag = match("controlFlag").toUpperCase(Locale.ENGLISH);
                 switch (sflag) {
                     case "REQUIRED":
                         controlFlag = LoginModuleControlFlag.REQUIRED;
@@ -531,7 +531,7 @@
                 } else {
                     throw ioException(
                         "Configuration.Error.Line.line.expected.expect.found.value.",
-                        new Integer(linenum), expect, st.sval);
+                        linenum, expect, st.sval);
                 }
                 break;
 
@@ -541,7 +541,7 @@
                 } else {
                     throw ioException(
                         "Configuration.Error.Line.line.expected.expect.",
-                        new Integer(linenum), expect, st.sval);
+                        linenum, expect, st.sval);
                 }
                 break;
 
@@ -551,7 +551,7 @@
                 } else {
                     throw ioException(
                         "Configuration.Error.Line.line.expected.expect.",
-                        new Integer(linenum), expect, st.sval);
+                        linenum, expect, st.sval);
                 }
                 break;
 
@@ -561,7 +561,7 @@
                 } else {
                     throw ioException(
                         "Configuration.Error.Line.line.expected.expect.",
-                        new Integer(linenum), expect, st.sval);
+                        linenum, expect, st.sval);
                 }
                 break;
 
@@ -571,14 +571,14 @@
                 } else {
                     throw ioException(
                         "Configuration.Error.Line.line.expected.expect.",
-                        new Integer(linenum), expect, st.sval);
+                        linenum, expect, st.sval);
                 }
                 break;
 
             default:
                 throw ioException(
                     "Configuration.Error.Line.line.expected.expect.found.value.",
-                    new Integer(linenum), expect, st.sval);
+                    linenum, expect, st.sval);
             }
             return value;
         }
@@ -655,7 +655,7 @@
             if (s == null || s.length() == 0) {
                 throw ioException(
                     "Configuration.Error.Line.line.system.property.value.expanded.to.empty.value",
-                    new Integer(linenum), value);
+                    linenum, value);
             }
             return s;
         }
--- a/src/share/classes/sun/security/provider/PolicyParser.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/provider/PolicyParser.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -707,7 +707,7 @@
             } catch (PropertyExpander.ExpandException peee) {
                 throw new IOException(peee.getLocalizedMessage());
             }
-            properties.put(key.toLowerCase(), value);
+            properties.put(key.toLowerCase(Locale.ENGLISH), value);
         }
 
         return properties;
@@ -1405,7 +1405,7 @@
             super("line " + line + ": " + msg);
             MessageFormat form = new MessageFormat
                 (ResourcesMgr.getString("line.number.msg"));
-            Object[] source = {new Integer(line), msg};
+            Object[] source = {line, msg};
             i18nMessage = form.format(source);
         }
 
@@ -1414,7 +1414,7 @@
                 "], found [" + actual + "]");
             MessageFormat form = new MessageFormat(ResourcesMgr.getString
                 ("line.number.expected.expect.found.actual."));
-            Object[] source = {new Integer(line), expect, actual};
+            Object[] source = {line, expect, actual};
             i18nMessage = form.format(source);
         }
 
--- a/src/share/classes/sun/security/rsa/RSACore.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/rsa/RSACore.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -50,6 +50,15 @@
  */
 public final class RSACore {
 
+    // globally enable/disable use of blinding
+    private final static boolean ENABLE_BLINDING = true;
+
+    // cache for blinding parameters. Map<BigInteger, BlindingParameters>
+    // use a weak hashmap so that cached values are automatically cleared
+    // when the modulus is GC'ed
+    private final static Map<BigInteger, BlindingParameters>
+                blindingCache = new WeakHashMap<>();
+
     private RSACore() {
         // empty
     }
@@ -100,12 +109,12 @@
         if (key instanceof RSAPrivateCrtKey) {
             return crtCrypt(msg, (RSAPrivateCrtKey)key);
         } else {
-            return crypt(msg, key.getModulus(), key.getPrivateExponent());
+            return priCrypt(msg, key.getModulus(), key.getPrivateExponent());
         }
     }
 
     /**
-     * RSA public key ops and non-CRT private key ops. Simple modPow().
+     * RSA public key ops. Simple modPow().
      */
     private static byte[] crypt(byte[] msg, BigInteger n, BigInteger exp)
             throws BadPaddingException {
@@ -115,22 +124,29 @@
     }
 
     /**
+     * RSA non-CRT private key operations.
+     */
+    private static byte[] priCrypt(byte[] msg, BigInteger n, BigInteger exp)
+            throws BadPaddingException {
+
+        BigInteger c = parseMsg(msg, n);
+        BlindingRandomPair brp = null;
+        BigInteger m;
+        if (ENABLE_BLINDING) {
+            brp = getBlindingRandomPair(null, exp, n);
+            c = c.multiply(brp.u).mod(n);
+            m = c.modPow(exp, n);
+            m = m.multiply(brp.v).mod(n);
+        } else {
+            m = c.modPow(exp, n);
+        }
+
+        return toByteArray(m, getByteLength(n));
+    }
+
+    /**
      * RSA private key operations with CRT. Algorithm and variable naming
      * are taken from PKCS#1 v2.1, section 5.1.2.
-     *
-     * The only difference is the addition of blinding to twart timing attacks.
-     * This is described in the RSA Bulletin#2 (Jan 96) among other places.
-     * This means instead of implementing RSA as
-     *   m = c ^ d mod n (or RSA in CRT variant)
-     * we do
-     *   r  = random(0, n-1)
-     *   c' = c  * r^e  mod n
-     *   m' = c' ^ d    mod n (or RSA in CRT variant)
-     *   m  = m' * r^-1 mod n (where r^-1 is the modular inverse of r mod n)
-     * This works because r^(e*d) * r^-1 = r * r^-1 = 1 (all mod n)
-     *
-     * We do not generate new blinding parameters for each operation but reuse
-     * them BLINDING_MAX_REUSE times (see definition below).
      */
     private static byte[] crtCrypt(byte[] msg, RSAPrivateCrtKey key)
             throws BadPaddingException {
@@ -141,13 +157,13 @@
         BigInteger dP = key.getPrimeExponentP();
         BigInteger dQ = key.getPrimeExponentQ();
         BigInteger qInv = key.getCrtCoefficient();
+        BigInteger e = key.getPublicExponent();
+        BigInteger d = key.getPrivateExponent();
 
-        BlindingParameters params;
+        BlindingRandomPair brp;
         if (ENABLE_BLINDING) {
-            params = getBlindingParameters(key);
-            c = c.multiply(params.re).mod(n);
-        } else {
-            params = null;
+            brp = getBlindingRandomPair(e, d, n);
+            c = c.multiply(brp.u).mod(n);
         }
 
         // m1 = c ^ dP mod p
@@ -165,8 +181,8 @@
         // m = m2 + q * h
         BigInteger m = h.multiply(q).add(m2);
 
-        if (params != null) {
-            m = m.multiply(params.rInv).mod(n);
+        if (ENABLE_BLINDING) {
+            m = m.multiply(brp.v).mod(n);
         }
 
         return toByteArray(m, getByteLength(n));
@@ -208,82 +224,217 @@
         return t;
     }
 
-    // globally enable/disable use of blinding
-    private final static boolean ENABLE_BLINDING = true;
+    /**
+     * Parameters (u,v) for RSA Blinding.  This is described in the RSA
+     * Bulletin#2 (Jan 96) and other places:
+     *
+     *     ftp://ftp.rsa.com/pub/pdfs/bull-2.pdf
+     *
+     * The standard RSA Blinding decryption requires the public key exponent
+     * (e) and modulus (n), and converts ciphertext (c) to plaintext (p).
+     *
+     * Before the modular exponentiation operation, the input message should
+     * be multiplied by (u (mod n)), and afterward the result is corrected
+     * by multiplying with (v (mod n)).  The system should reject messages
+     * equal to (0 (mod n)).  That is:
+     *
+     *     1.  Generate r between 0 and n-1, relatively prime to n.
+     *     2.  Compute x = (c*u) mod n
+     *     3.  Compute y = (x^d) mod n
+     *     4.  Compute p = (y*v) mod n
+     *
+     * The Java APIs allows for either standard RSAPrivateKey or
+     * RSAPrivateCrtKey RSA keys.
+     *
+     * If the public exponent is available to us (e.g. RSAPrivateCrtKey),
+     * choose a random r, then let (u, v):
+     *
+     *     u = r ^ e mod n
+     *     v = r ^ (-1) mod n
+     *
+     * The proof follows:
+     *
+     *     p = (((c * u) ^ d mod n) * v) mod n
+     *       = ((c ^ d) * (u ^ d) * v) mod n
+     *       = ((c ^ d) * (r ^ e) ^ d) * (r ^ (-1))) mod n
+     *       = ((c ^ d) * (r ^ (e * d)) * (r ^ (-1))) mod n
+     *       = ((c ^ d) * (r ^ 1) * (r ^ (-1))) mod n  (see below)
+     *       = (c ^ d) mod n
+     *
+     * because in RSA cryptosystem, d is the multiplicative inverse of e:
+     *
+     *    (r^(e * d)) mod n
+     *       = (r ^ 1) mod n
+     *       = r mod n
+     *
+     * However, if the public exponent is not available (e.g. RSAPrivateKey),
+     * we mitigate the timing issue by using a similar random number blinding
+     * approach using the private key:
+     *
+     *     u = r
+     *     v = ((r ^ (-1)) ^ d) mod n
+     *
+     * This returns the same plaintext because:
+     *
+     *     p = (((c * u) ^ d mod n) * v) mod n
+     *       = ((c ^ d) * (u ^ d) * v) mod n
+     *       = ((c ^ d) * (u ^ d) * ((u ^ (-1)) ^d)) mod n
+     *       = (c ^ d) mod n
+     *
+     * Computing inverses mod n and random number generation is slow, so
+     * it is often not practical to generate a new random (u, v) pair for
+     * each new exponentiation.  The calculation of parameters might even be
+     * subject to timing attacks.  However, (u, v) pairs should not be
+     * reused since they themselves might be compromised by timing attacks,
+     * leaving the private exponent vulnerable.  An efficient solution to
+     * this problem is update u and v before each modular exponentiation
+     * step by computing:
+     *
+     *     u = u ^ 2
+     *     v = v ^ 2
+     *
+     * The total performance cost is small.
+     */
+    private final static class BlindingRandomPair {
+        final BigInteger u;
+        final BigInteger v;
 
-    // maximum number of times that we will use a set of blinding parameters
-    // value suggested by Paul Kocher (quoted by NSS)
-    private final static int BLINDING_MAX_REUSE = 50;
-
-    // cache for blinding parameters. Map<BigInteger, BlindingParameters>
-    // use a weak hashmap so that cached values are automatically cleared
-    // when the modulus is GC'ed
-    private final static Map<BigInteger, BlindingParameters> blindingCache =
-                new WeakHashMap<>();
+        BlindingRandomPair(BigInteger u, BigInteger v) {
+            this.u = u;
+            this.v = v;
+        }
+    }
 
     /**
      * Set of blinding parameters for a given RSA key.
      *
      * The RSA modulus is usually unique, so we index by modulus in
-     * blindingCache. However, to protect against the unlikely case of two
-     * keys sharing the same modulus, we also store the public exponent.
-     * This means we cannot cache blinding parameters for multiple keys that
-     * share the same modulus, but since sharing moduli is fundamentally broken
-     * an insecure, this does not matter.
+     * {@code blindingCache}.  However, to protect against the unlikely
+     * case of two keys sharing the same modulus, we also store the public
+     * or the private exponent.  This means we cannot cache blinding
+     * parameters for multiple keys that share the same modulus, but
+     * since sharing moduli is fundamentally broken and insecure, this
+     * does not matter.
      */
-    private static final class BlindingParameters {
-        // e (RSA public exponent)
-        final BigInteger e;
-        // r ^ e mod n
-        final BigInteger re;
-        // inverse of r mod n
-        final BigInteger rInv;
-        // how many more times this parameter object can be used
-        private volatile int remainingUses;
-        BlindingParameters(BigInteger e, BigInteger re, BigInteger rInv) {
+    private final static class BlindingParameters {
+        private final static BigInteger BIG_TWO = BigInteger.valueOf(2L);
+
+        // RSA public exponent
+        private final BigInteger e;
+
+        // hash code of RSA private exponent
+        private final BigInteger d;
+
+        // r ^ e mod n (CRT), or r mod n (Non-CRT)
+        private BigInteger u;
+
+        // r ^ (-1) mod n (CRT) , or ((r ^ (-1)) ^ d) mod n (Non-CRT)
+        private BigInteger v;
+
+        // e: the public exponent
+        // d: the private exponent
+        // n: the modulus
+        BlindingParameters(BigInteger e, BigInteger d, BigInteger n) {
+            this.u = null;
+            this.v = null;
             this.e = e;
-            this.re = re;
-            this.rInv = rInv;
-            // initialize remaining uses, subtract current use now
-            remainingUses = BLINDING_MAX_REUSE - 1;
+            this.d = d;
+
+            int len = n.bitLength();
+            SecureRandom random = JCAUtil.getSecureRandom();
+            u = new BigInteger(len, random).mod(n);
+            // Although the possibility is very much limited that u is zero
+            // or is not relatively prime to n, we still want to be careful
+            // about the special value.
+            //
+            // Secure random generation is expensive, try to use BigInteger.ONE
+            // this time if this new generated random number is zero or is not
+            // relatively prime to n.  Next time, new generated secure random
+            // number will be used instead.
+            if (u.equals(BigInteger.ZERO)) {
+                u = BigInteger.ONE;     // use 1 this time
+            }
+
+            try {
+                // The call to BigInteger.modInverse() checks that u is
+                // relatively prime to n.  Otherwise, ArithmeticException is
+                // thrown.
+                v = u.modInverse(n);
+            } catch (ArithmeticException ae) {
+                // if u is not relatively prime to n, use 1 this time
+                u = BigInteger.ONE;
+                v = BigInteger.ONE;
+            }
+
+            if (e != null) {
+                u = u.modPow(e, n);   // e: the public exponent
+                                      // u: random ^ e
+                                      // v: random ^ (-1)
+            } else {
+                v = v.modPow(d, n);   // d: the private exponent
+                                      // u: random
+                                      // v: random ^ (-d)
+            }
         }
-        boolean valid(BigInteger e) {
-            int k = remainingUses--;
-            return (k > 0) && this.e.equals(e);
+
+        // return null if need to reset the parameters
+        BlindingRandomPair getBlindingRandomPair(
+                BigInteger e, BigInteger d, BigInteger n) {
+
+            if ((this.e != null && this.e.equals(e)) ||
+                (this.d != null && this.d.equals(d))) {
+
+                BlindingRandomPair brp = null;
+                synchronized (this) {
+                    if (!u.equals(BigInteger.ZERO) &&
+                        !v.equals(BigInteger.ZERO)) {
+
+                        brp = new BlindingRandomPair(u, v);
+                        if (u.compareTo(BigInteger.ONE) <= 0 ||
+                            v.compareTo(BigInteger.ONE) <= 0) {
+
+                            // need to reset the random pair next time
+                            u = BigInteger.ZERO;
+                            v = BigInteger.ZERO;
+                        } else {
+                            u = u.modPow(BIG_TWO, n);
+                            v = v.modPow(BIG_TWO, n);
+                        }
+                    } // Otherwise, need to reset the random pair.
+                }
+                return brp;
+            }
+
+            return null;
         }
     }
 
-    /**
-     * Return valid RSA blinding parameters for the given private key.
-     * Use cached parameters if available. If not, generate new parameters
-     * and cache.
-     */
-    private static BlindingParameters getBlindingParameters
-            (RSAPrivateCrtKey key) {
-        BigInteger modulus = key.getModulus();
-        BigInteger e = key.getPublicExponent();
-        BlindingParameters params;
-        // we release the lock between get() and put()
-        // that means threads might concurrently generate new blinding
-        // parameters for the same modulus. this is only a slight waste
-        // of cycles and seems preferable in terms of scalability
-        // to locking out all threads while generating new parameters
+    private static BlindingRandomPair getBlindingRandomPair(
+            BigInteger e, BigInteger d, BigInteger n) {
+
+        BlindingParameters bps = null;
         synchronized (blindingCache) {
-            params = blindingCache.get(modulus);
+            bps = blindingCache.get(n);
         }
-        if ((params != null) && params.valid(e)) {
-            return params;
+
+        if (bps == null) {
+            bps = new BlindingParameters(e, d, n);
+            synchronized (blindingCache) {
+                blindingCache.putIfAbsent(n, bps);
+            }
         }
-        int len = modulus.bitLength();
-        SecureRandom random = JCAUtil.getSecureRandom();
-        BigInteger r = new BigInteger(len, random).mod(modulus);
-        BigInteger re = r.modPow(e, modulus);
-        BigInteger rInv = r.modInverse(modulus);
-        params = new BlindingParameters(e, re, rInv);
-        synchronized (blindingCache) {
-            blindingCache.put(modulus, params);
+
+        BlindingRandomPair brp = bps.getBlindingRandomPair(e, d, n);
+        if (brp == null) {
+            // need to reset the blinding parameters
+            bps = new BlindingParameters(e, d, n);
+            synchronized (blindingCache) {
+                blindingCache.replace(n, bps);
+            }
+            brp = bps.getBlindingRandomPair(e, d, n);
         }
-        return params;
+
+        return brp;
     }
 
 }
--- a/src/share/classes/sun/security/tools/keytool/Main.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/tools/keytool/Main.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1540,7 +1540,7 @@
         boolean useDefaultPBEAlgorithm = true;
         SecretKey secKey = null;
 
-        if (keyAlgName.toUpperCase().startsWith("PBE")) {
+        if (keyAlgName.toUpperCase(Locale.ENGLISH).startsWith("PBE")) {
             SecretKeyFactory factory = SecretKeyFactory.getInstance("PBE");
 
             // User is prompted for PBE credential
@@ -1577,7 +1577,7 @@
             if (verbose) {
                 MessageFormat form = new MessageFormat(rb.getString
                     ("Generated.keysize.bit.keyAlgName.secret.key"));
-                Object[] source = {new Integer(keysize),
+                Object[] source = {keysize,
                                     secKey.getAlgorithm()};
                 System.err.println(form.format(source));
             }
@@ -1672,7 +1672,7 @@
         if (verbose) {
             MessageFormat form = new MessageFormat(rb.getString
                 ("Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for"));
-            Object[] source = {new Integer(keysize),
+            Object[] source = {keysize,
                                 privKey.getAlgorithm(),
                                 chain[0].getSigAlgName(),
                                 validity,
@@ -1833,7 +1833,7 @@
                     for (int i = 0; i < chain.length; i ++) {
                         MessageFormat form = new MessageFormat
                                 (rb.getString("Certificate.i.1."));
-                        Object[] source = {new Integer((i + 1))};
+                        Object[] source = {(i + 1)};
                         out.println(form.format(source));
                         if (verbose && (chain[i] instanceof X509Certificate)) {
                             printX509Cert((X509Certificate)(chain[i]), out);
@@ -2108,7 +2108,7 @@
                         ("Your.keystore.contains.keyStore.size.entry")) :
                 new MessageFormat(rb.getString
                         ("Your.keystore.contains.keyStore.size.entries"));
-        Object[] source = {new Integer(keyStore.size())};
+        Object[] source = {keyStore.size()};
         out.println(form.format(source));
         out.println();
 
@@ -2380,7 +2380,7 @@
             if (certs.length > 1) {
                 MessageFormat form = new MessageFormat
                         (rb.getString("Certificate.i.1."));
-                Object[] source = {new Integer(i + 1)};
+                Object[] source = {i + 1};
                 out.println(form.format(source));
             }
             if (rfc)
--- a/src/share/classes/sun/security/util/DerIndefLenConverter.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/util/DerIndefLenConverter.java	Wed Jul 16 15:12:24 2014 -0700
@@ -150,7 +150,7 @@
             return curLen;
         int lenByte = data[dataPos++] & 0xff;
         if (isIndefinite(lenByte)) {
-            ndefsList.add(new Integer(dataPos));
+            ndefsList.add(dataPos);
             unresolved++;
             return curLen;
         }
--- a/src/share/classes/sun/security/util/KeyUtil.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/util/KeyUtil.java	Wed Jul 16 15:12:24 2014 -0700
@@ -272,7 +272,16 @@
                     "Diffie-Hellman public key is too large");
         }
 
-        // Don't bother to check against the y^q mod p if safe primes are used.
+        // y^q mod p == 1?
+        // Unable to perform this check as q is unknown in this circumstance.
+
+        // p is expected to be prime.  However, it is too expensive to check
+        // that p is prime.  Instead, in order to mitigate the impact of
+        // non-prime values, we check that y is not a factor of p.
+        BigInteger r = p.remainder(y);
+        if (r.equals(BigInteger.ZERO)) {
+            throw new InvalidKeyException("Invalid Diffie-Hellman parameters");
+        }
     }
 
     /**
--- a/src/share/classes/sun/security/x509/CRLReasonCodeExtension.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/x509/CRLReasonCodeExtension.java	Wed Jul 16 15:12:24 2014 -0700
@@ -125,7 +125,7 @@
      */
     public Integer get(String name) throws IOException {
         if (name.equalsIgnoreCase(REASON)) {
-            return new Integer(reasonCode);
+            return reasonCode;
         } else {
             throw new IOException
                 ("Name not supported by CRLReasonCodeExtension");
--- a/src/share/classes/sun/security/x509/CertificateVersion.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/x509/CertificateVersion.java	Wed Jul 16 15:12:24 2014 -0700
@@ -193,7 +193,7 @@
      */
     public Integer get(String name) throws IOException {
         if (name.equalsIgnoreCase(VERSION)) {
-            return(new Integer(getVersion()));
+            return(getVersion());
         } else {
             throw new IOException("Attribute name not recognized by " +
                                   "CertAttrSet: CertificateVersion.");
--- a/src/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java	Wed Jul 16 15:12:24 2014 -0700
@@ -217,7 +217,7 @@
      */
     public Integer get(String name) throws IOException {
         if (name.equalsIgnoreCase(SKIP_CERTS))
-            return (new Integer(skipCerts));
+            return (skipCerts);
         else
             throw new IOException("Attribute name not recognized by " +
                                   "CertAttrSet:InhibitAnyPolicy.");
--- a/src/share/classes/sun/security/x509/PolicyConstraintsExtension.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/security/x509/PolicyConstraintsExtension.java	Wed Jul 16 15:12:24 2014 -0700
@@ -233,9 +233,9 @@
      */
     public Integer get(String name) throws IOException {
         if (name.equalsIgnoreCase(REQUIRE)) {
-            return new Integer(require);
+            return require;
         } else if (name.equalsIgnoreCase(INHIBIT)) {
-            return new Integer(inhibit);
+            return inhibit;
         } else {
           throw new IOException("Attribute name not recognized by " +
                                 "CertAttrSet:PolicyConstraints.");
--- a/src/share/classes/sun/tools/asm/Assembler.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/asm/Assembler.java	Wed Jul 16 15:12:24 2014 -0700
@@ -558,7 +558,7 @@
               case opc_tableswitch: {
                 SwitchData sw = (SwitchData)inst.value;
                 for (int i = sw.minValue; i <= sw.maxValue; i++) {
-                     TableLot.addElement(new Cover(CT_CASE, sw.whereCase(new Integer(i)), inst.pc));
+                     TableLot.addElement(new Cover(CT_CASE, sw.whereCase(i), inst.pc));
                      count++;
                 }
                 if (!sw.getDefault()) {
--- a/src/share/classes/sun/tools/asm/Instruction.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/asm/Instruction.java	Wed Jul 16 15:12:24 2014 -0700
@@ -142,7 +142,7 @@
             // Don't keep the LocalVariable info around, unless we
             // are actually going to generate a local variable table.
             if ((value instanceof LocalVariable) && !env.debug_vars()) {
-                value = new Integer(((LocalVariable)value).slot);
+                value = ((LocalVariable)value).slot;
             }
             break;
 
--- a/src/share/classes/sun/tools/java/BinaryConstantPool.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/java/BinaryConstantPool.java	Wed Jul 16 15:12:24 2014 -0700
@@ -60,7 +60,7 @@
                 break;
 
               case CONSTANT_INTEGER:
-                cpool[i] = new Integer(in.readInt());
+                cpool[i] = in.readInt();
                 break;
               case CONSTANT_FLOAT:
                 cpool[i] = new Float(in.readFloat());
@@ -76,7 +76,7 @@
               case CONSTANT_STRING:
                 // JVM 4.4.3 CONSTANT_String_info.string_index
                 // or JVM 4.4.1 CONSTANT_Class_info.name_index
-                cpool[i] = new Integer(in.readUnsignedShort());
+                cpool[i] =in.readUnsignedShort();
                 break;
 
               case CONSTANT_FIELD:
@@ -84,7 +84,7 @@
               case CONSTANT_INTERFACEMETHOD:
               case CONSTANT_NAMEANDTYPE:
                 // JVM 4.4.2 CONSTANT_*ref_info.class_index & name_and_type_index
-                cpool[i] = new Integer((in.readUnsignedShort() << 16) | in.readUnsignedShort());
+                cpool[i] = (in.readUnsignedShort() << 16) | in.readUnsignedShort();
                 break;
 
               case CONSTANT_METHODHANDLE:
@@ -260,7 +260,7 @@
         Integer result = (Integer)indexHashAscii.get(string);
         if (result == null) {
             if (MoreStuff == null) MoreStuff = new Vector();
-            result = new Integer(cpool.length + MoreStuff.size());
+            result = cpool.length + MoreStuff.size();
             MoreStuff.addElement(string);
             indexHashAscii.put(string, result);
         }
@@ -277,10 +277,10 @@
         indexHashAscii = new Hashtable();
         for (int i = 1; i < cpool.length; i++) {
             if (types[i] == CONSTANT_UTF8) {
-                indexHashAscii.put(cpool[i], new Integer(i));
+                indexHashAscii.put(cpool[i], i);
             } else {
                 try {
-                    indexHashObject.put(getConstant(i, env), new Integer(i));
+                    indexHashObject.put(getConstant(i, env), i);
                 } catch (ClassFormatError e) { }
             }
         }
--- a/src/share/classes/sun/tools/java/Identifier.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/java/Identifier.java	Wed Jul 16 15:12:24 2014 -0700
@@ -106,7 +106,7 @@
      * Set the type of the identifier.
      */
     void setType(int t) {
-        value = new Integer(t);
+        value = t;
         //System.out.println("type(" + this + ")=" + t);
     }
 
--- a/src/share/classes/sun/tools/javac/BatchEnvironment.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/javac/BatchEnvironment.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1172,7 +1172,7 @@
                     if (!hitErrorLimit) {
                         hitErrorLimit = true;
                         output(errorString("too.many.errors",
-                                           new Integer(errorLimit),null,null));
+                                           errorLimit,null,null));
                     }
                     return;
                 }
--- a/src/share/classes/sun/tools/javac/Main.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/javac/Main.java	Wed Jul 16 15:12:24 2014 -0700
@@ -669,18 +669,18 @@
             if (env.deprecation()) {
                 if (ndepfiles > 1) {
                     env.error(0, "warn.note.deprecations",
-                              new Integer(ndepfiles), new Integer(ndeps));
+                              ndepfiles, ndeps);
                 } else {
                     env.error(0, "warn.note.1deprecation",
-                              file1, new Integer(ndeps));
+                              file1, ndeps);
                 }
             } else {
                 if (ndepfiles > 1) {
                     env.error(0, "warn.note.deprecations.silent",
-                              new Integer(ndepfiles), new Integer(ndeps));
+                              ndepfiles, ndeps);
                 } else {
                     env.error(0, "warn.note.1deprecation.silent",
-                              file1, new Integer(ndeps));
+                              file1, ndeps);
                 }
             }
         }
--- a/src/share/classes/sun/tools/javac/SourceMember.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/javac/SourceMember.java	Wed Jul 16 15:12:24 2014 -0700
@@ -885,7 +885,7 @@
                     // instance initializers.  Code for these is generated
                     // in the makeVarInits() method of the class
                     // MethodExpression.
-                    asm.add(getWhere(), opc_aload, new Integer(0));
+                    asm.add(getWhere(), opc_aload, 0);
                     e.codeValue(env, ctx, asm);
                     asm.add(getWhere(), opc_putfield, this);
                 }
--- a/src/share/classes/sun/tools/jstat/Jstat.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/jstat/Jstat.java	Wed Jul 16 15:12:24 2014 -0700
@@ -158,7 +158,7 @@
         // handle target termination events for targets other than ourself
         HostListener terminator = new HostListener() {
             public void vmStatusChanged(VmStatusChangeEvent ev) {
-                Integer lvmid = new Integer(vmId.getLocalVmId());
+                Integer lvmid = vmId.getLocalVmId();
                 if (ev.getTerminated().contains(lvmid)) {
                     logger.stopLogging();
                 } else if (!ev.getActive().contains(lvmid)) {
--- a/src/share/classes/sun/tools/jstatd/RemoteHostImpl.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/jstatd/RemoteHostImpl.java	Wed Jul 16 15:12:24 2014 -0700
@@ -62,7 +62,7 @@
 
     public RemoteVm attachVm(int lvmid, String mode)
                     throws RemoteException, MonitorException {
-        Integer v = new Integer(lvmid);
+        Integer v = lvmid;
         RemoteVm stub = null;
         StringBuilder sb = new StringBuilder();
 
--- a/src/share/classes/sun/tools/tree/ArrayExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/ArrayExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -92,16 +92,16 @@
      */
     public void codeValue(Environment env, Context ctx, Assembler asm) {
         int t = 0;
-        asm.add(where, opc_ldc, new Integer(args.length));
+        asm.add(where, opc_ldc, args.length);
         switch (type.getElementType().getTypeCode()) {
-          case TC_BOOLEAN:      asm.add(where, opc_newarray, new Integer(T_BOOLEAN));   break;
-          case TC_BYTE:         asm.add(where, opc_newarray, new Integer(T_BYTE));      break;
-          case TC_SHORT:        asm.add(where, opc_newarray, new Integer(T_SHORT));     break;
-          case TC_CHAR:         asm.add(where, opc_newarray, new Integer(T_CHAR));      break;
-          case TC_INT:          asm.add(where, opc_newarray, new Integer(T_INT));       break;
-          case TC_LONG:         asm.add(where, opc_newarray, new Integer(T_LONG));      break;
-          case TC_FLOAT:        asm.add(where, opc_newarray, new Integer(T_FLOAT));     break;
-          case TC_DOUBLE:       asm.add(where, opc_newarray, new Integer(T_DOUBLE));    break;
+          case TC_BOOLEAN:      asm.add(where, opc_newarray, T_BOOLEAN);   break;
+          case TC_BYTE:         asm.add(where, opc_newarray, T_BYTE);      break;
+          case TC_SHORT:        asm.add(where, opc_newarray, T_SHORT);     break;
+          case TC_CHAR:         asm.add(where, opc_newarray, T_CHAR);      break;
+          case TC_INT:          asm.add(where, opc_newarray, T_INT);       break;
+          case TC_LONG:         asm.add(where, opc_newarray, T_LONG);      break;
+          case TC_FLOAT:        asm.add(where, opc_newarray, T_FLOAT);     break;
+          case TC_DOUBLE:       asm.add(where, opc_newarray, T_DOUBLE);    break;
 
           case TC_ARRAY:
             asm.add(where, opc_anewarray, type.getElementType());
@@ -122,7 +122,7 @@
             if (args[i].equalsDefault()) continue;
 
             asm.add(where, opc_dup);
-            asm.add(where, opc_ldc, new Integer(i));
+            asm.add(where, opc_ldc, i);
             args[i].codeValue(env, ctx, asm);
             switch (type.getElementType().getTypeCode()) {
               case TC_BOOLEAN:
--- a/src/share/classes/sun/tools/tree/BinaryExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/BinaryExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -212,10 +212,10 @@
             Label l2 = new Label();
 
             codeBranch(env, ctx, asm, l1, true);
-            asm.add(true, where, opc_ldc, new Integer(0));
+            asm.add(true, where, opc_ldc, 0);
             asm.add(true, where, opc_goto, l2);
             asm.add(l1);
-            asm.add(true, where, opc_ldc, new Integer(1));
+            asm.add(true, where, opc_ldc, 1);
             asm.add(l2);
         } else {
             left.codeValue(env, ctx, asm);
--- a/src/share/classes/sun/tools/tree/BitNotExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/BitNotExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -80,7 +80,7 @@
     public void codeValue(Environment env, Context ctx, Assembler asm) {
         right.codeValue(env, ctx, asm);
         if (type.isType(TC_INT)) {
-            asm.add(where, opc_ldc, new Integer(-1));
+            asm.add(where, opc_ldc, -1);
             asm.add(where, opc_ixor);
         } else {
             asm.add(where, opc_ldc2_w, -1L);
--- a/src/share/classes/sun/tools/tree/BooleanExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/BooleanExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -52,7 +52,7 @@
      * Get the value
      */
     public Object getValue() {
-        return new Integer(value ? 1 : 0);
+        return value ? 1 : 0;
     }
 
     /**
@@ -106,7 +106,7 @@
         }
     }
     public void codeValue(Environment env, Context ctx, Assembler asm) {
-        asm.add(where, opc_ldc, new Integer(value ? 1 : 0));
+        asm.add(where, opc_ldc, value ? 1 : 0);
     }
 
     /**
--- a/src/share/classes/sun/tools/tree/Expression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/Expression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -432,10 +432,10 @@
             Label l2 = new Label();
 
             codeBranch(env, ctx, asm, l1, true);
-            asm.add(true, where, opc_ldc, new Integer(0));
+            asm.add(true, where, opc_ldc, 0);
             asm.add(true, where, opc_goto, l2);
             asm.add(l1);
-            asm.add(true, where, opc_ldc, new Integer(1));
+            asm.add(true, where, opc_ldc, 1);
             asm.add(l2);
         } else {
             throw new CompilerError("codeValue");
--- a/src/share/classes/sun/tools/tree/FinallyStatement.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/FinallyStatement.java	Wed Jul 16 15:12:24 2014 -0700
@@ -287,8 +287,8 @@
             // allocate space for the exception and return address
             f1 = new LocalMember(where, thisClass, 0, Type.tObject, null);
             f2 = new LocalMember(where, thisClass, 0, Type.tInt, null);
-            num1 = new Integer(ctx.declare(env, f1));
-            num2 = new Integer(ctx.declare(env, f2));
+            num1 = ctx.declare(env, f1);
+            num2 = ctx.declare(env, f2);
         }
 
         TryData td = new TryData();
--- a/src/share/classes/sun/tools/tree/IdentifierExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/IdentifierExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -452,7 +452,7 @@
     }
     void codeLoad(Environment env, Context ctx, Assembler asm) {
         asm.add(where, opc_iload + type.getTypeCodeOffset(),
-                new Integer(((LocalMember)field).number));
+                ((LocalMember)field).number);
     }
     void codeStore(Environment env, Context ctx, Assembler asm) {
         LocalMember local = (LocalMember)field;
@@ -474,4 +474,4 @@
             implementation.print(out);
         }
     }
-}
+}
\ No newline at end of file
--- a/src/share/classes/sun/tools/tree/IncDecExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/IncDecExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -112,22 +112,22 @@
     private void codeIncDecOp(Assembler asm, boolean inc) {
         switch (type.getTypeCode()) {
           case TC_BYTE:
-            asm.add(where, opc_ldc, new Integer(1));
+            asm.add(where, opc_ldc, 1);
             asm.add(where, inc ? opc_iadd : opc_isub);
             asm.add(where, opc_i2b);
             break;
           case TC_SHORT:
-            asm.add(where, opc_ldc, new Integer(1));
+            asm.add(where, opc_ldc, 1);
             asm.add(where, inc ? opc_iadd : opc_isub);
             asm.add(where, opc_i2s);
             break;
           case TC_CHAR:
-            asm.add(where, opc_ldc, new Integer(1));
+            asm.add(where, opc_ldc, 1);
             asm.add(where, inc ? opc_iadd : opc_isub);
             asm.add(where, opc_i2c);
             break;
           case TC_INT:
-            asm.add(where, opc_ldc, new Integer(1));
+            asm.add(where, opc_ldc, 1);
             asm.add(where, inc ? opc_iadd : opc_isub);
             break;
           case TC_LONG:
--- a/src/share/classes/sun/tools/tree/InlineNewInstanceExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/InlineNewInstanceExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -93,11 +93,11 @@
             LocalMember v = (LocalMember)field.getArguments().elementAt(0);
             CodeContext newctx = new CodeContext(ctx, this);
             newctx.declare(env, v);
-            asm.add(where, opc_astore, new Integer(v.number));
+            asm.add(where, opc_astore, v.number);
             body.code(env, newctx, asm);
             asm.add(newctx.breakLabel);
             if (forValue) {
-                asm.add(where, opc_aload, new Integer(v.number));
+                asm.add(where, opc_aload, v.number);
             }
         }
     }
--- a/src/share/classes/sun/tools/tree/IntegerExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/IntegerExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -70,7 +70,7 @@
      * Get the value
      */
     public Object getValue() {
-        return new Integer(value);
+        return value;
     }
 
     /**
@@ -91,6 +91,6 @@
      * Code
      */
     public void codeValue(Environment env, Context ctx, Assembler asm) {
-        asm.add(where, opc_ldc, new Integer(value));
+        asm.add(where, opc_ldc, value);
     }
 }
--- a/src/share/classes/sun/tools/tree/MethodExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/MethodExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -857,7 +857,7 @@
                 right.code(env, ctx, asm);
             }
         } else if (right == null) {
-            asm.add(where, opc_aload, new Integer(0));
+            asm.add(where, opc_aload, 0);
         } else if (right.op == SUPER) {
             // 'super.<method>(...)', 'super(...)', or '<expr>.super(...)'
             /*****
--- a/src/share/classes/sun/tools/tree/NewArrayExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/NewArrayExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -133,21 +133,21 @@
 
         switch (type.getElementType().getTypeCode()) {
             case TC_BOOLEAN:
-                asm.add(where, opc_newarray, new Integer(T_BOOLEAN));   break;
+                asm.add(where, opc_newarray, T_BOOLEAN);   break;
             case TC_BYTE:
-                asm.add(where, opc_newarray, new Integer(T_BYTE));      break;
+                asm.add(where, opc_newarray, T_BYTE);      break;
             case TC_SHORT:
-                asm.add(where, opc_newarray, new Integer(T_SHORT));     break;
+                asm.add(where, opc_newarray, T_SHORT);     break;
             case TC_CHAR:
-                asm.add(where, opc_newarray, new Integer(T_CHAR));      break;
+                asm.add(where, opc_newarray, T_CHAR);      break;
             case TC_INT:
-                asm.add(where, opc_newarray, new Integer(T_INT));       break;
+                asm.add(where, opc_newarray, T_INT);       break;
             case TC_LONG:
-                asm.add(where, opc_newarray, new Integer(T_LONG));      break;
+                asm.add(where, opc_newarray, T_LONG);      break;
             case TC_FLOAT:
-                asm.add(where, opc_newarray, new Integer(T_FLOAT));     break;
+                asm.add(where, opc_newarray, T_FLOAT);     break;
             case TC_DOUBLE:
-                asm.add(where, opc_newarray, new Integer(T_DOUBLE));    break;
+                asm.add(where, opc_newarray, T_DOUBLE);    break;
             case TC_ARRAY:
                 asm.add(where, opc_anewarray, type.getElementType());   break;
             case TC_CLASS:
--- a/src/share/classes/sun/tools/tree/NotExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/NotExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -139,7 +139,7 @@
      */
     public void codeValue(Environment env, Context ctx, Assembler asm) {
         right.codeValue(env, ctx, asm);
-        asm.add(where, opc_ldc, new Integer(1));
+        asm.add(where, opc_ldc, 1);
         asm.add(where, opc_ixor);
     }
 
--- a/src/share/classes/sun/tools/tree/Statement.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/Statement.java	Wed Jul 16 15:12:24 2014 -0700
@@ -249,7 +249,7 @@
                 // Save the return value in the register which should have
                 // been reserved.
                 LocalMember lf = ctx.getLocalField(idFinallyReturnValue);
-                num = new Integer(lf.number);
+                num = lf.number;
                 asm.add(where, opc_istore + save.getTypeCodeOffset(), num);
             } else {
                 // Pop the return value.
--- a/src/share/classes/sun/tools/tree/SynchronizedStatement.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/SynchronizedStatement.java	Wed Jul 16 15:12:24 2014 -0700
@@ -125,8 +125,8 @@
 
         LocalMember f1 = new LocalMember(where, clazz, 0, Type.tObject, null);
         LocalMember f2 = new LocalMember(where, clazz, 0, Type.tInt, null);
-        Integer num1 = new Integer(ctx.declare(env, f1));
-        Integer num2 = new Integer(ctx.declare(env, f2));
+        Integer num1 = ctx.declare(env, f1);
+        Integer num2 = ctx.declare(env, f2);
 
         Label endLabel = new Label();
 
--- a/src/share/classes/sun/tools/tree/ThisExpression.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tools/tree/ThisExpression.java	Wed Jul 16 15:12:24 2014 -0700
@@ -169,7 +169,7 @@
      * Code
      */
     public void codeValue(Environment env, Context ctx, Assembler asm) {
-        asm.add(where, opc_aload, new Integer(field.number));
+        asm.add(where, opc_aload, field.number);
     }
 
     /**
--- a/src/share/classes/sun/tracing/ProviderSkeleton.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tracing/ProviderSkeleton.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -154,7 +154,7 @@
      * @return always null, if the method is a user-defined probe
      */
     public Object invoke(Object proxy, Method method, Object[] args) {
-        Class declaringClass = method.getDeclaringClass();
+        Class<?> declaringClass = method.getDeclaringClass();
         // not a provider subtype's own method
         if (declaringClass != providerType) {
             try {
--- a/src/share/classes/sun/tracing/dtrace/DTraceProvider.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/tracing/dtrace/DTraceProvider.java	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -50,7 +50,7 @@
     private Object proxy;
 
     // For proxy generation
-    private final static Class[] constructorParams = { InvocationHandler.class };
+    private final static Class<?>[] constructorParams = { InvocationHandler.class };
     private final String proxyClassNamePrefix = "$DTraceTracingProxy";
 
     static final String DEFAULT_MODULE = "java_tracing";
@@ -135,7 +135,7 @@
          * Invoke its constructor with the designated invocation handler.
          */
         try {
-            Constructor cons = proxyClass.getConstructor(constructorParams);
+            Constructor<?> cons = proxyClass.getConstructor(constructorParams);
             return (T)cons.newInstance(new Object[] { this });
         } catch (ReflectiveOperationException e) {
             throw new InternalError(e.toString(), e);
--- a/src/share/classes/sun/util/locale/provider/DictionaryBasedBreakIterator.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/classes/sun/util/locale/provider/DictionaryBasedBreakIterator.java	Wed Jul 16 15:12:24 2014 -0700
@@ -461,10 +461,10 @@
                         if ((currentBreakPositions.size() == 0 ||
                              currentBreakPositions.peek().intValue() != text.getIndex())
                             && text.getIndex() != startPos) {
-                            currentBreakPositions.push(new Integer(text.getIndex()));
+                            currentBreakPositions.push(text.getIndex());
                         }
                         getNext();
-                        currentBreakPositions.push(new Integer(text.getIndex()));
+                        currentBreakPositions.push(text.getIndex());
                     }
                 }
 
--- a/src/share/javavm/export/jvm.h	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/javavm/export/jvm.h	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -426,9 +426,6 @@
 JNIEXPORT jobjectArray JNICALL
 JVM_GetClassInterfaces(JNIEnv *env, jclass cls);
 
-JNIEXPORT jobject JNICALL
-JVM_GetClassLoader(JNIEnv *env, jclass cls);
-
 JNIEXPORT jboolean JNICALL
 JVM_IsInterface(JNIEnv *env, jclass cls);
 
@@ -447,9 +444,6 @@
 JNIEXPORT jboolean JNICALL
 JVM_IsPrimitiveClass(JNIEnv *env, jclass cls);
 
-JNIEXPORT jclass JNICALL
-JVM_GetComponentType(JNIEnv *env, jclass cls);
-
 JNIEXPORT jint JNICALL
 JVM_GetClassModifiers(JNIEnv *env, jclass cls);
 
--- a/src/share/lib/security/BlacklistedCertsConverter.java	Wed Jul 16 16:02:51 2014 +0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,89 +0,0 @@
-/*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-
-/**
- * This is the tool to convert blacklisted.certs.pem to blacklisted.certs.
- * Every time a new blacklisted certs is added, please append the PEM format
- * to the end of blacklisted.certs.pem (with proper comments) and then use
- * this tool to generate an updated blacklisted.certs. Make sure to include
- * changes to both in a changeset.
- */
-public class BlacklistedCertsConverter {
-    public static void main(String[] args) throws Exception {
-        if (args.length == 0) {
-            System.out.println("Usage: java BlacklistedCertsConverter SHA-256" +
-                    " < blacklisted.certs.pem > blacklisted.certs");
-            System.exit(1);
-        }
-        String mdAlg = args[0];
-        CertificateFactory cf = CertificateFactory.getInstance("X.509");
-        Collection<? extends Certificate> certs
-                = cf.generateCertificates(System.in);
-        System.out.println("Algorithm=" + mdAlg);
-        for (Certificate cert: certs) {
-            System.out.println(
-                    getCertificateFingerPrint(mdAlg, (X509Certificate)cert));
-        }
-    }
-
-    /**
-     * Converts a byte to hex digit and writes to the supplied buffer
-     */
-    private static void byte2hex(byte b, StringBuffer buf) {
-        char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8',
-                '9', 'A', 'B', 'C', 'D', 'E', 'F' };
-        int high = ((b & 0xf0) >> 4);
-        int low = (b & 0x0f);
-        buf.append(hexChars[high]);
-        buf.append(hexChars[low]);
-    }
-
-    /**
-     * Gets the requested finger print of the certificate.
-     */
-    private static String getCertificateFingerPrint(String mdAlg,
-                                                    X509Certificate cert) {
-        String fingerPrint = "";
-        try {
-            byte[] encCertInfo = cert.getEncoded();
-            MessageDigest md = MessageDigest.getInstance(mdAlg);
-            byte[] digest = md.digest(encCertInfo);
-            StringBuffer buf = new StringBuffer();
-            for (int i = 0; i < digest.length; i++) {
-                byte2hex(digest[i], buf);
-            }
-            fingerPrint = buf.toString();
-        } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
-            // ignored
-        }
-        return fingerPrint;
-    }
-}
--- a/src/share/lib/security/blacklisted.certs	Wed Jul 16 16:02:51 2014 +0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,19 +0,0 @@
-Algorithm=SHA-256
-76A45A496031E4DD2D7ED23E8F6FF97DBDEA980BAAC8B0BA94D7EDB551348645
-4CBBF8256BC9888A8007B2F386940A2E394378B0D903CBB3863C5A6394B889CE
-D24566BF315F4E597D6E381C87119FB4198F5E9E2607F5F4AB362EF7E2E7672F
-14E6D2764A4B06701C6CBC376A253775F79C782FBCB6C0EE6F99DE4BA1024ADD
-D3A936E1A7775A45217C8296A1F22AC5631DCDEC45594099E78EEEBBEDCBA967
-5E83124D68D24E8E177E306DF643D5EA99C5A94D6FC34B072F7544A1CABB7C7B
-9ED8F9B0E8E42A1656B8E1DD18F42BA42DC06FE52686173BA2FC70E756F207DC
-FDEDB5BDFCB67411513A61AEE5CB5B5D7C52AF06028EFC996CC1B05B1D6CEA2B
-A686FEE577C88AB664D0787ECDFFF035F4806F3DE418DC9E4D516324FFF02083
-4FEE0163686ECBD65DB968E7494F55D84B25486D438E9DE558D629D28CD4D176
-8A1BD21661C60015065212CC98B1ABB50DFD14C872A208E66BAE890F25C448AF
-B8686723E415534BC0DBD16326F9486F85B0B0799BF6639334E61DAAE67F36CD
-3946901F46B0071E90D78279E82FABABCA177231A704BE72C5B0E8918566EA66
-31C8FD37DB9B56E708B03D1F01848B068C6DA66F36FB5D82C008C6040FA3E133
-450F1B421BB05C8609854884559C323319619E8B06B001EA2DCBB74A23AA3BE2
-FC02FD48DB92D4DCE6F11679D38354CF750CFC7F584A520EB90BDE80E241F2BD
-DF21016B00FC54F9FE3BC8B039911BB216E9162FAD2FD14D990AB96E951B49BE
-F5B6F88F75D391A4B1EB336F9E201239FB6B1377DB8CFA7B84736216E5AFFFD7
--- a/src/share/lib/security/blacklisted.certs.pem	Wed Jul 16 16:02:51 2014 +0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,721 +0,0 @@
-// Subject: CN=Digisign Server ID (Enrich),
-//          OU=457608-K,
-//          O=Digicert Sdn. Bhd.,
-//          C=MY
-// Issuer:  CN=GTE CyberTrust Global Root,
-//          OU=GTE CyberTrust Solutions, Inc.,
-//          O=GTE Corporation,
-//          C=US
-// Serial:  120001705 (07:27:14:a9)
------BEGIN CERTIFICATE-----
-MIIDyzCCAzSgAwIBAgIEBycUqTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
-cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
-b2JhbCBSb290MB4XDTA3MDcxNzE1MTc0OFoXDTEyMDcxNzE1MTY1NFowYzELMAkG
-A1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNkbi4gQmhkLjERMA8GA1UECxMI
-NDU3NjA4LUsxJDAiBgNVBAMTG0RpZ2lzaWduIFNlcnZlciBJRCAoRW5yaWNoKTCB
-nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArahkS02Hx4RZufuQRqCmicDx/tXa
-VII3DZkrRSYK6Fawf8qo9I5HhAGCKeOzarWR8/uVhbxyqGToCkCcxfRxrnt7agfq
-kBRPjYmvlKuyBtQCanuYH1m5Os1U+iDfsioK6bjdaZDAKdNO0JftZszFGUkGf/pe
-LHx7hRsyQt97lSUCAwEAAaOCAXgwggF0MBIGA1UdEwEB/wQIMAYBAf8CAQAwXAYD
-VR0gBFUwUzBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcCARYtaHR0cDovL2N5YmVy
-dHJ1c3Qub21uaXJvb3QuY29tL3JlcG9zaXRvcnkuY2ZtMAcGBWCDSgEBMA4GA1Ud
-DwEB/wQEAwIB5jCBiQYDVR0jBIGBMH+heaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYD
-VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
-bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
-b3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0
-LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFMYWk04WF+wW
-royUdvOGbcV0boR3MA0GCSqGSIb3DQEBBQUAA4GBAHYAe6Z4K2Ydjl42xqSOBfIj
-knyTZ9P0wAp9iy3Z6tVvGvPhSilaIoRNUC9LDPL/hcJ7VdREgr5trGeOvLQfkpxR
-gBoU9m6rYYgLrRx/90tQUdZlG6ZHcRVesHHzNRTyN71jyNXwk1o0X9g96F33xR7A
-5c8fhiSpPAdmzcHSNmNZ
------END CERTIFICATE-----
-
-// Subject: CN=Digisign Server ID - (Enrich),
-//          OU=457608-K,
-//          O=Digicert Sdn. Bhd.,
-//          C=MY
-// Issuer:  CN=Entrust.net Certification Authority (2048)
-//          OU=(c) 1999 Entrust.net Limited,
-//          OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),
-//          O=Entrust.net
-// Serial:  1184644297 (4c:0e:63:6a)
------BEGIN CERTIFICATE-----
-MIIEzjCCA7agAwIBAgIETA5jajANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
-RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
-bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
-IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMDA3MTYxNzIzMzdaFw0xNTA3
-MTYxNzUzMzdaMGUxCzAJBgNVBAYTAk1ZMRswGQYDVQQKExJEaWdpY2VydCBTZG4u
-IEJoZC4xETAPBgNVBAsTCDQ1NzYwOC1LMSYwJAYDVQQDEx1EaWdpc2lnbiBTZXJ2
-ZXIgSUQgLSAoRW5yaWNoKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AMWJ5PQNBkCSWccaszXRDkwqM/n4r8qef+65p21g9FTob9Wb8xtjMQRoctE0Foy0
-FyyX3nPF2JAVoBor9cuzSIZE8B2ITM5BQhrv9Qze/kDaOSD3BlU6ap1GwdJvpbLI
-Vz4po5zg6YV3ZuiYpyR+vsBZIOVEb7ZX2L7OwmV3WMZhQdF0BMh/SULFcqlyFu6M
-3RJdtErU0a9Qt9iqdXZorT5dqjBtYairEFs+E78z4K9EnTgiW+9ML6ZxJhUmyiiM
-2fqOjqmiFDXimySItPR/hZ2DTwehthSQNsQ0HI0mYW0Tb3i+6I8nx0uElqOGaAwj
-vgvsjJQAqQSKE5D334VsDLECAwEAAaOCATQwggEwMA4GA1UdDwEB/wQEAwIBBjAS
-BgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcD
-AgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v
-b2NzcC5lbnRydXN0Lm5ldDBEBgNVHSAEPTA7MDkGBWCDSgEBMDAwLgYIKwYBBQUH
-AgEWImh0dHA6Ly93d3cuZGlnaWNlcnQuY29tLm15L2Nwcy5odG0wMgYDVR0fBCsw
-KTAnoCWgI4YhaHR0cDovL2NybC5lbnRydXN0Lm5ldC8yMDQ4Y2EuY3JsMBEGA1Ud
-DgQKBAhMTswlKAMpgTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDAN
-BgkqhkiG9w0BAQUFAAOCAQEAl0zvSjpJrHL8MCBrtClbp8WVBJD5MtXChWreA6E3
-+YkAsFqsVX7bQzX/yQH4Ub7MJsrIaqTEVD4mHucMo82XZ5TdpkLrXM2POXlrM3kh
-Bnn6gkQVmczBtznTRmJ8snDrb84gqj4Zt+l0gpy0pUtNYQA35IfS8hQ6ZHy4qXth
-4JMi59WfPkfmNnagU9gAAzoPtTP+lsrT0oI6Lt3XSOHkp2nMHOmZSufKcEXXCwcO
-mnUb0C+Sb/akB8O9HEumhLZ9qJqp0qcp8QtXaR6XVybsK0Os1EWDBQDp4/BGQAf6
-6rFRc5Mcpd1TETfIKqcVJx20qsx/qjEw/LhFn0gJ7RDixQ==
------END CERTIFICATE-----
-
-// Subject: CN=Java Media APIs,
-//          OU=Java Signed Extensions,
-//          OU=Corporate Object Signing,
-//          O=Sun Microsystems Inc
-// Issuer:  CN=Object Signing CA,
-//          OU=Class 2 OnSite Subscriber CA,
-//          OU=VeriSign Trust Network,
-//          O=Sun Microsystems Inc
-// Serial:  6a:8b:99:91:37:59:4f:89:53:e2:97:18:9f:19:1e:4e
------BEGIN CERTIFICATE-----
-MIIFdzCCBF+gAwIBAgIQaouZkTdZT4lT4pcYnxkeTjANBgkqhkiG9w0BAQUFADCB
-gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
-cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDUxMjAw
-MDAwMFoXDTEyMDUxMTIzNTk1OVowfTEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
-cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
-CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEYMBYGA1UEAxQPSmF2YSBNZWRpYSBB
-UElzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5blzoKTVE8y4Hpz
-q6E15RZz1bF5HnYEyYqgHkZXnAKedmYCoMzm1XK8s+gQWShLEvGEAvs5yqarx9gE
-nnC21N28aEZgIJMa2/arKxCUkS4pxdGPYGexL9UzSRkUpoBShCZKEGdmX7gfJE2K
-/sd9MFvGV5/yZtWXrADzvm0Kd/9mg1KRv1gfrZIq0TJbupoXPYYqb73AkI9eT2ZD
-q9MdwD4E5+oojsDFXt8GU/D00fUhtXpYwuplU7D667WHYdJhIah0ST6JywyqcLXG
-XSuFTXOgITT2idSHluZVmx3dqJ72u9kPkO4JdJTMDfaK8zgNLaRkiU8Qcj+qhLYH
-ytaqcwIDAQABo4IB6jCCAeYwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwfwYD
-VR0fBHgwdjB0oHKgcIZuaHR0cDovL29uc2l0ZWNybC52ZXJpc2lnbi5jb20vU3Vu
-TWljcm9zeXN0ZW1zSW5jQ29ycG9yYXRlT2JqZWN0U2lnbmluZ0phdmFTaWduZWRF
-eHRlbnNpb25zQ2xhc3NCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAUs0crgn5T
-tHPKuLsZt76BTQeVx+0wHQYDVR0OBBYEFKS32mVx0gNWTeS4ProHEaeSpvvIMDsG
-CCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29uc2l0ZS1vY3NwLnZl
-cmlzaWduLmNvbTCBtQYDVR0gBIGtMIGqMDkGC2CGSAGG+EUBBxcCMCowKAYIKwYB
-BQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwbQYLYIZIAYb3AIN9
-nD8wXjAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cuc3VuLmNvbS9wa2kvY3BzMDMG
-CCsGAQUFBwICMCcaJVZhbGlkYXRlZCBGb3IgU3VuIEJ1c2luZXNzIE9wZXJhdGlv
-bnMwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAAe6BO4W
-3TSNWfezyelJs6kE3HfulT6Bdyz4UUoh9ykXcV8nRwT+kh25I5MdyG2GfkJoADPR
-VhC5DYo13UFpIsTNVjq+hGYe2hML93bN7ad9SxCCyjHUo3yMz2qgBbHZI3VA9ZHA
-aWM4Tx0saMwbcnVvlbuGh+PXvStfypJqYT6lzcdFfjNVX4FI/QQNGhBswMY51tC8
-GTBCL2qhJon0gSCU4zaawDOf7+XxJWirLamYL1Aal1/h2z2sFrvA/1ftxtU3kZ6I
-7De8DyoHeZg7pYGdrj7g+lPhCga/WvEhN152I+aP08YbFcJHYmK05ngl/Ye4c6Bd
-cdrdfbw6QzEUIYY=
------END CERTIFICATE-----
-
-// Subject: CN=JavaFX 1.0 Runtime,
-//          OU=Java Signed Extensions,
-//          OU=Corporate Object Signing,
-//          O=Sun Microsystems Inc
-// Issuer:  CN=Object Signing CA,
-//          OU=Class 2 OnSite Subscriber CA,
-//          OU=VeriSign Trust Network,
-//          O=Sun Microsystems Inc
-// Serial:  55:c0:e6:44:59:59:79:9e:d9:26:f1:b0:4a:1e:f0:27
------BEGIN CERTIFICATE-----
-MIIFezCCBGOgAwIBAgIQVcDmRFlZeZ7ZJvGwSh7wJzANBgkqhkiG9w0BAQUFADCB
-gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
-cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA4MTAwOTAw
-MDAwMFoXDTExMTAwOTIzNTk1OVowgYAxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
-bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxHzAdBgNV
-BAsUFkphdmEgU2lnbmVkIEV4dGVuc2lvbnMxGzAZBgNVBAMUEkphdmFGWCAxLjAg
-UnVudGltZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+WDc6+bu+4
-tmAcS/lBtUc02WOt9QZpVsXg9cG2pu/8bUtmDELa8iiYBVFpIs8DU58HLrGQtCUY
-SIAGOVPsOJoN29UKCDWfY9j5JeVhfhMGqk9DwrWhzgsjy4cpZ1pIp+k/fJ8zT8Ul
-aYLpow1vg3UNddsmwz02tN7cOrMw9WYIG4CRYnY1OrtJSfe2pYzheC4zyvR+aiVl
-nang2OtqikSQsNFOFHsLOJFxngy9LrO8evDSu25VTKI6zlWU6/bMeqtztJPN0VOn
-NyUrJZvkxZ207Jg0T693BGSxNC1n+ihztXogql8950M/pEuUbDjylv5FFvlp6DSB
-dDT2MkutmyMCAwEAAaOCAeowggHmMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgeA
-MH8GA1UdHwR4MHYwdKByoHCGbmh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29t
-L1N1bk1pY3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdKYXZhU2ln
-bmVkRXh0ZW5zaW9uc0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaAFLNH
-K4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBTjgufVi3XJ3gx1ewsA6Rr7BR4Z
-zjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUtb2Nz
-cC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAqMCgG
-CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CGSAGG
-9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtpL2Nw
-czAzBggrBgEFBQcCAjAnGiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBPcGVy
-YXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IBAQAB
-YVJTTVe7rzyTO4jc3zajErOT/COkdQTfNo0eIX1QbNynFieJvwY/jRzUZwjktIFR
-2p4JtbpHGAtKtjOAOTieQ8xdDOoC1djzpE7/AbMvuvlTavtUKT+F7tPdhfXgWXJV
-6Wbt8jryKyk3zZGiEhauIwZUkfjRkEtffEmZWLUd8c8rURJjfC/XHH2oyurscoxc
-CjX29c9ynxSiS/VvQp1an0HvErGh69N48wj7cj8mtZ1yHzd2XCzSSR1OfTPfk0Pt
-yg51p7yJaFiH21PTZegEL6zyVNOYBTKwwIi2OzpwYalD3uvK6e3OKDrfFCOxu17u
-4PveESbrdyrmvLe7IVez
------END CERTIFICATE-----
-
-// Subject: CN=JavaFX Runtime,
-//          OU=Java Signed Extensions,
-//          OU=Corporate Object Signing,
-//          O=Sun Microsystems Inc
-// Issuer:  CN=Object Signing CA,
-//          OU=Class 2 OnSite Subscriber CA,
-//          OU=VeriSign Trust Network,
-//          O=Sun Microsystems Inc
-// Serial:  47:f4:55:f1:da:4a:5e:f9:e3:f7:a8:03:62:17:c0:ff
------BEGIN CERTIFICATE-----
-MIIFdjCCBF6gAwIBAgIQR/RV8dpKXvnj96gDYhfA/zANBgkqhkiG9w0BAQUFADCB
-gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
-cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDEyOTAw
-MDAwMFoXDTEyMDEyOTIzNTk1OVowfDEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt
-cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE
-CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEXMBUGA1UEAxQOSmF2YUZYIFJ1bnRp
-bWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIzd0fAk8mI9ONc6RJ
-aGieioK2FLdXEwj8zL3vdGDVmBwyR1zwYkaOIFFgF9IW/8qc4iAYA5sGUY+0g8q3
-5DuYAxfTzBB5KdaYvbuq6GGnoHIWmTirXY+1friFp8lyXSvtuEaGB1VHaBoZchEg
-k+UgeVDA43dHwcT1Ov3DePczJRUes8T/QHzLX+BxUDG43vjyncCEO/AjqLZxXEz2
-xrNbKLcH3lGMJK7hdbfssUfF5BjC38Hn71HauYlA43b2no+2y0Sjulwzez2YPbDC
-0GLR3TnKtA8dqOrnl5t3DniDbfOBNtBE3VOydJO0XW57Ng1HRXD023nm9ECPY2xp
-0N/pAgMBAAGjggHqMIIB5jAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDB/BgNV
-HR8EeDB2MHSgcqBwhm5odHRwOi8vb25zaXRlY3JsLnZlcmlzaWduLmNvbS9TdW5N
-aWNyb3N5c3RlbXNJbmNDb3Jwb3JhdGVPYmplY3RTaWduaW5nSmF2YVNpZ25lZEV4
-dGVuc2lvbnNDbGFzc0IvTGF0ZXN0Q1JMLmNybDAfBgNVHSMEGDAWgBSzRyuCflO0
-c8q4uxm3voFNB5XH7TAdBgNVHQ4EFgQUvOdd0cKPj+Yik/iOBwTdphh5A+gwOwYI
-KwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb25zaXRlLW9jc3AudmVy
-aXNpZ24uY29tMIG1BgNVHSAEga0wgaowOQYLYIZIAYb4RQEHFwIwKjAoBggrBgEF
-BQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTBtBgtghkgBhvcAg32c
-PzBeMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5zdW4uY29tL3BraS9jcHMwMwYI
-KwYBBQUHAgIwJxolVmFsaWRhdGVkIEZvciBTdW4gQnVzaW5lc3MgT3BlcmF0aW9u
-czATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQUFAAOCAQEAbGcf2NjL
-AI93HG6ny2BbepaZA1a8xa/R6uUc7xV+Qw6MgLwFD4Q4i6LWUztQDvg9l68MM2/i
-Y9LEi1KM4lcNbK5+D+t9x98wXBiuojXhVdp5ZmC03EyEBbriopdBsmXVLDSu/Y3+
-zowOO5xwpMK3dbgsSDs2Vt0UosD3FTcRaD3GNfOhXMp+o1grHNiXF9YgkmdQbPPZ
-DQ2KBhFPCRJXBGvyKOqno/DTg0sQ3crGH/C4/4t7mnQXWldZotmJUZ0ONc9oD+Q1
-JAaguUKqIwn9yZ093ie+JWHbYNid9IIIPXYgtRxmf9a376WBhqhu56uJftBJ7x9g
-eQ7Lot6CSWCiFw==
------END CERTIFICATE-----
-
-// Subject: CN=Solaris INTERNAL DEVELOPMENT USE ONLY,
-//          OU=Solaris Cryptographic Framework,
-//          OU=Corporate Object Signing,
-//          O=Sun Microsystems Inc
-// Issuer:  CN=Object Signing CA,
-//          OU=Class 2 OnSite Subscriber CA,
-//          OU=VeriSign Trust Network,
-//          O=Sun Microsystems Inc
-// Serial:  77:29:77:52:6a:19:7b:9a:a6:a2:c7:99:a0:e1:cd:8c
------BEGIN CERTIFICATE-----
-MIIFHjCCBAagAwIBAgIQdyl3UmoZe5qmoseZoOHNjDANBgkqhkiG9w0BAQUFADCB
-gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT
-aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj
-cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA3MDEwNDAw
-MDAwMFoXDTEwMDEwMzIzNTk1OVowgZwxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl
-bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxKDAmBgNV
-BAsUH1NvbGFyaXMgQ3J5cHRvZ3JhcGhpYyBGcmFtZXdvcmsxLjAsBgNVBAMUJVNv
-bGFyaXMgSU5URVJOQUwgREVWRUxPUE1FTlQgVVNFIE9OTFkwgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBALbNU4hf3mD5ArDI9pjgioAyvV3bjMPRQdCZniIeGJBp
-odFlSEH+Mh64W1DsY8coeZ7FvvGJkx9IpTMJW9k8w1oJK9UNqHyAQfaYjQyXi3xQ
-LJp62EvYdGfDlwOZejEcR/MbzZG+GOPMMvQj5+xyFDvLXNGfQNTnxw2qnBgCJXjj
-AgMBAAGjggH1MIIB8TAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDCBiQYDVR0f
-BIGBMH8wfaB7oHmGd2h0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1N1bk1p
-Y3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdTb2xhcmlzQ3J5cHRv
-Z3JhcGhpY0ZyYW1ld29ya0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaA
-FLNHK4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBRpfiGYkehTnsIzuN2H6AFb
-VCZG8jA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUt
-b2NzcC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAq
-MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CG
-SAGG9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtp
-L2NwczAzBggrBgEFBQcCAjAnFiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBP
-cGVyYXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IB
-AQCG5soy3LFHTFbA8/5SzDRhQoJkHUnOP0t3b6nvX6vZYRp649fje7TQOPRm1pFd
-CZ17J+tggdZwgzTqY4aYpJ00jZaK6pV37q/vgFC/ia6jDs8Q+ly9cEcadBZ5loYg
-cmxp9p57W2MNWx8VA8oFdNtKfF0jUNXbLNtvwGHmgR6YcwLrGN1b6/9Lt9bO3ODl
-FO+ZDwkfQz5ClUVrTx2dGBvKRYFqSG5S8JAfsgYhPvcacUQkA7ExyKvfRXLWVrce
-ZiPpcElbx+819H2sAPvVvparVeAruZGMAtejHZp9NFoowKen5drJp9VxePS4eM49
-3DepB6lKRrNRw66LNQol4ZBz
------END CERTIFICATE-----
-
-// Subject: EMAILADDRESS=info@diginotar.nl, CN=DigiNotar Cyber CA,
-//          O=DigiNotar, C=NL
-// Issuer:  CN=GTE CyberTrust Global Root,
-//          OU=GTE CyberTrust Solutions, Inc.,
-//          O=GTE Corporation,
-//          C=US
-// Serial:  120000525 (07:27:10:0D)
------BEGIN CERTIFICATE-----
-MIIFWjCCBMOgAwIBAgIEBycQDTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
-cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
-b2JhbCBSb290MB4XDTA2MTAwNDEwNTQxMVoXDTExMTAwNDEwNTMxMVowYDELMAkG
-A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
-IEN5YmVyIENBMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIw
-DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P8
-9DS5+SxD52ATPXrjss87Z2yQrcC5P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXy
-XUte0dmHutZ9fPXOMp8QM8WxSrtekTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCI
-A6U/i5kTYUO1m4Kz7iBvz6FEouova0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpc
-SQhdvd5wQbEPyWNr0380dAIvNFp4dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtB
-pcmM5r3qSLYFFgizNxJa92E89zhvLpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2V
-VgIKgmCyc0XgMyZRdJq51FAc9k1bW1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJ
-NEH3gW8/nsl8dVWw58Gzd+jDxAA1lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6
-uc8kpmp/3mQiRFhogmoQ+T3lPhu5vfwi9GAEibtVbShV+t6OjRshFNc3izR7Tfay
-shDPM7F9HGKZSMsrbHaWVb8ZDR0fu2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0
-fc1zvrPtTsHR7VJej/e4142HrbLZG1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kU
-xbHuWUOV36toKDA/AgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMG
-A1UdIARMMEowSAYJKwYBBAGxPgEAMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cu
-cHVibGljLXRydXN0LmNvbS9DUFMvT21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMC
-AQYwgaAGA1UdIwSBmDCBlYAUpgwdn2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJ
-BgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdU
-RSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVy
-VHJ1c3QgR2xvYmFsIFJvb3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93
-d3cucHVibGljLXRydXN0LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYD
-VR0OBBYEFKv5aN/PSjfXe0WMX3LeQETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9o
-a6VbB7pEZg4cqFwwezPkCiYE/O+eGjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4
-BJ98UAHV42mv7xXSRZskCSpmBU8lgcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE
-9r1TgSOWPbT6MopTZkQloiXGpjwljPDgKAYityZB
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
-// Issuer:  CN=GTE CyberTrust Global Root,
-//          OU=GTE CyberTrust Solutions, Inc.,
-//          O=GTE Corporation,
-//          C=US
-// Serial:  120000505 (07:27:0F:F9)
------BEGIN CERTIFICATE-----
-MIIFODCCBKGgAwIBAgIEBycP+TANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
-cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
-b2JhbCBSb290MB4XDTA2MDkyMDA5NDUzMloXDTEzMDkyMDA5NDQwNlowPjELMAkG
-A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
-IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
-XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
-tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
-24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
-naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
-9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
-LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
-Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
-vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
-3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
-eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
-iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
-/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
-ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
-MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
-jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
-bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
-VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
-oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
-MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
-hvcNAQEFBQADgYEACcpiD427SuDUejUrBi3RKGG2rAH7g0m8rtQvLYauGYOl1h0T
-4he+/jJ06XoUOMqUXvcpAWlxG5Ea/aO7qh3Ke+IW/aGjDvMMX7LhIDGUK16Sdu36
-6bUjpr8KOwOpb1JgVM1f6bcvfKIn/UGDdbYN+3gm87FF6TKVKho1IZXFonU=
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL
-// Issuer:  CN=GTE CyberTrust Global Root,
-//          OU=GTE CyberTrust Solutions, Inc.,
-//          O=GTE Corporation,
-//          C=US
-// Serial:  120000515 (07:27:10:03)
------BEGIN CERTIFICATE-----
-MIIFODCCBKGgAwIBAgIEBycQAzANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
-UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
-cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
-b2JhbCBSb290MB4XDTA2MDkyNzEwNTMzMloXDTExMDkyNzEwNTIzMFowPjELMAkG
-A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy
-IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o
-XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S
-tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7
-24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp
-naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj
-9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu
-LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU
-Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk
-vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6
-3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt
-eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4
-iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB
-/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC
-ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s
-MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV
-jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv
-bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD
-VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6
-oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw
-MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI
-hvcNAQEFBQADgYEAWcyGZhizJlRP1jjNupZey+yZG6oMDW4Z11boriMHbYPCndBE
-bVh07zmPbZsihOw9w/vm5KbVX5CgxUv4Rhzh/20Faixf3P3bpWg0qgzHVVusNVR/
-P50aKkpdK3hp+QLl56e+lWOddSAINIpmcuyDI1hyuzB+GJEASm9tNU/6rs8=
------END CERTIFICATE-----
-
-// Subject: EMAILADDRESS=info@diginotar.nl,
-//          CN=DigiNotar Root CA,
-//          O=DigiNotar, C=NL
-// Issuer:  CN=Entrust.net Secure Server Certification Authority
-//          OU=(c) 1999 Entrust.net Limited,
-//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
-//          O=Entrust.net,
-//          C=US,
-// Serial:  1184644297 (46:9C:3C:C9)
------BEGIN CERTIFICATE-----
-MIIFSDCCBLGgAwIBAgIERpw8yTANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
-ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
-KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
-ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA0
-MjYwNTAwMDBaFw0xMzA4MTQyMDEyMzZaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
-EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
-hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
-OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
-hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
-gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
-IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
-BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
-Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
-5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
-DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
-9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
-7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
-ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
-BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
-BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
-VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
-bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
-A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
-BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAI979rBep8tu3TeLunapgsZ0jtXp
-GDFjKWSk87dj1jCyYi+q/GyDyZ6ZQZNRP0sF+6twscq05lClWNy3TROMp7QeuoLO
-G7Utw3OJaswUtp4YglANMRTHEe3g9ltifUXRH5tSuy7u6yi4LD4WTm5ULP6r/g6l
-0CnjXYb0+b1Fmz6U
------END CERTIFICATE-----
-
-// Subject: EMAILADDRESS=info@diginotar.nl,
-//          CN=DigiNotar Root CA,
-//          O=DigiNotar, C=NL
-// Issuer:  CN=Entrust.net Secure Server Certification Authority
-//          OU=(c) 1999 Entrust.net Limited,
-//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
-//          O=Entrust.net,
-//          C=US,
-// Serial:  1184640175 (46:9C:2C:AF)
------BEGIN CERTIFICATE-----
-MIIFSDCCBLGgAwIBAgIERpwsrzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
-ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
-KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
-ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
-MjYxNTU3MzlaFw0xMzA4MjYxNjI3MzlaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK
-EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI
-hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
-ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt
-OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx
-hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7
-gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D
-IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T
-BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs
-Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8
-5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf
-DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX
-9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e
-7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj
-ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB
-BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF
-BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
-VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy
-bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G
-A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob
-BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAEa6RcDNcEIGUlkDJUY/pWTds4zh
-xbVkp3wSmpwPFhx5fxTyF4HD2L60jl3aqjTB7gPpsL2Pk5QZlNsi3t4UkCV70UOd
-ueJRN3o/LOtk4+bjXY2lC0qTHbN80VMLqPjmaf9ghSA9hwhskdtMgRsgfd90q5QP
-ZFdYf+hthc3m6IcJ
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2,
-//          O=DigiNotar B.V.,
-//          C=NL
-// Issuer:  CN=Staat der Nederlanden Organisatie CA - G2,
-//          O=Staat der Nederlanden,
-//          C=NL
-// Serial:  20001983 (01:31:34:bf)
------BEGIN CERTIFICATE-----
-MIIGnDCCBISgAwIBAgIEATE0vzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJO
-TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTIwMAYDVQQDDClTdGFh
-dCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xMDA1MTIw
-ODUxMzhaFw0yMDAzMjMwOTUwMDRaMFoxCzAJBgNVBAYTAk5MMRcwFQYDVQQKDA5E
-aWdpTm90YXIgQi5WLjEyMDAGA1UEAwwpRGlnaU5vdGFyIFBLSW92ZXJoZWlkIENB
-IE9yZ2FuaXNhdGllIC0gRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
-AQCxExkPJ+Zs1FWGS9DsiYpFkXisR71HK+T8RetPtCZzWzfTw3/2497Xo/gtaMUI
-PkuU1uSHJTZrhLUYdPMoWHMvm2rPvAQe9t7dr/xLqvXbZmIlASWC3vKXWhBu3V2p
-IrEEqSNzOvhxrR3PhETrR9Gvbch8KKvH8jd6dF9fxQIUiqNa4xtsAeNdjtlo1vQJ
-GzLckbUs9SDrjANtJkm4k8SFXdjSm69WaswFM8ygQp40VUSca6DUEtArVM23iQ3l
-9uvo+4UBM096a/GdcjOWDveyhKWlJ8Qn8VFzKXe6Z27+TNy04qGhgS85SY1DOBPO
-0KVcwoc6AGdlQiPxNlkKHaNRyLyjlCox3+M88p0aPASw77EKMBNzttfzo0wBdRSF
-eMDXijlYhVD6LubFvs+LP6+PNtQlCS3SD6xyk/K/i9RQs/kVUJuZ9RTZ+4uRozIm
-JqD43ztggYaDeVsr6xM9KTrBbd29no6H1kquNJcF7hSm9tw4fkrpJFQHPZdoN0Zr
-DceoIa8TVOQJavFNRgrJXfubT73e+7dUy7g4nKc5+2otwHuNq6WnV+xKkoozxeEg
-XHPYkJIrgNUPhhhpfDlPhIa890xb89W0yqDC8DciynlSH1PmqvOQsDvd8ij9rOvF
-BiSgydQvD1j9tZ7sD8+yWdCiBHo4aq5y+73wJWKUCacFCwIDAQABo4IBYTCCAV0w
-SAYDVR0gBEEwPzA9BgRVHSAAMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZGln
-aW5vdGFyLm5sL2Nwcy9wa2lvdmVyaGVpZDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjCBhQYDVR0jBH4wfIAUORCLSZJc22ESIM1JnRqO2pxnQLmhXqRc
-MFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4x
-KzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzKCBACY
-lvQwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9E
-b21PcmdhbmlzYXRpZUxhdGVzdENSTC1HMi5jcmwwHQYDVR0OBBYEFLxdlDvZq3sD
-JXNhwtst7vyrj2WhMA0GCSqGSIb3DQEBCwUAA4ICAQCP/C1Mt9kt1R+978v0t2gX
-dZ1O1ffdnPEqJu2forYcA9VTs+wIzzTi48P0tRYvyMO+19NzqwA2+RpKftZj6V5G
-uqW2jhW3oyrYQx3vXcgfgYWzi/f/PPTZ9EYIP5y8HaDZqEzNJVJOCrEg9x/pQ9lU
-RoETmsBedGwqmDLq/He7DaWiMZgifnx859qkrey3LhoZcfhIUNpDjyyE3cFAJ+O1
-8BVOltT4XOOGKUYr1zsH6zh/yIZXl9PvKjPEF1DVZGlrK2tFXl0vF8paTs/D1zk8
-9TufRrmb5w5Jl53W1eMbD+qPAU6aE5RZCgIHSEsaYKt/T+0L2FUNaG9VnGllFULs
-wNzdbKzDFs4LHVabpMTE0i7gD+JEJytQaaTcYuiKISlCbMwAOpZ2m+9AwKRed4Qy
-bCYqOWauXeO5ubIsaB8empADOfCqs6TMSYsYNOk3yXspx4R8b0QVL+xhWQTJRcui
-1lKifH8pktZKxYtCqNT+6tjHhyMY5J16fXNAUpigrm7jBT8FD+Clxm1N7YM3iJzH
-89xCmmq21yFJNnfy7xhPxXDZnunetyuL9Lx+KN8NQMmFXK6dxTH/0FwOtah+8Okv
-uq+IruW10Vilr5xxpykBkINpN4IFuvwJwQhujHg7wzMCgD9EhQgd31VWCK0shS1d
-sQPhrqp0xaTzTro3mHuCuQ==
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven,
-//          O=DigiNotar B.V.,
-//          C=NL
-// Issuer:  CN=Staat der Nederlanden Overheid CA
-//          O=Staat der Nederlanden,
-//          C=NL
-// Serial:  20015536 (01:31:69:b0)
------BEGIN CERTIFICATE-----
-MIIEiDCCA3CgAwIBAgIEATFpsDANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
-TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
-dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDcwNzA1MDg0MjA3WhcN
-MTUwNzI3MDgzOTQ2WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
-IEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
-ZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc
-vdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6HVcg+uwQ5
-AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalkLU3DL7nn
-UNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rmMgeUVAVT
-Q+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ/aB2jKx+
-ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC36esgl3H
-aLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0GBFUdIAAw
-NTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3BzL3BraW92
-ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGABgNVHSME
-eTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMCTkwxHjAc
-BgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3RhYXQgZGVy
-IE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCgLoYsaHR0
-cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmwwHQYDVR0O
-BBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IBAQAMlIca
-v03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+mriXiRWsi
-D7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X5HNhIxMm
-cUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZhzizDXMU
-5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro5Ij76eUv
-BjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkegllYOQJBR
-RKwa/fHuhR/3Qlpl
------END CERTIFICATE-----
-
-// Subject: CN=DigiNotar PKIoverheid CA Overheid
-//          O=DigiNotar B.V.,
-//          C=NL
-// Issuer:  CN=Staat der Nederlanden Overheid CA
-//          O=Staat der Nederlanden,
-//          C=NL
-// Serial:  20006006 (01:31:44:76)
------BEGIN CERTIFICATE-----
-MIIEezCCA2OgAwIBAgIEATFEdjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO
-TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh
-dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDQwNjI0MDgxOTMyWhcN
-MTAwNjIzMDgxNzM2WjBSMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy
-IEIuVi4xKjAoBgNVBAMTIURpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp
-ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSlrubta5tlOjVCi/gb
-yLCvRqfBjxG8H594VcKHu0WAYc99SPZF9cycj5mw2GyfQvy/WIrGrL4iyNq1gSqR
-0QA/mTXKZIaPqzpDhdm+VvrKkmjrbZfaQxgMSs3ChtBsjcP9Lc0X1zXZ4Q8nBe3k
-BTp+zehINfmbjoEgXLxsMR5RQ6GxzKjuC04PQpbJQgTIakglKaqYcDDZbEscWgPV
-Hgj/2aoHlj6leW/ThHZ+O41jUguEmBLZA3mu3HrCfrHntb5dPt0ihzSx7GtD/SaX
-5HBLxnP189YuqMk5iRA95CtiSdKauvon/xRKRLNgG6XAz0ctSoY7xLDdiBVU5kJd
-FScCAwEAAaOCAVAwggFMMEgGA1UdIARBMD8wPQYEVR0gADA1MDMGCCsGAQUFBwIB
-FidodHRwOi8vd3d3LmRpZ2lub3Rhci5ubC9jcHMvcGtpb3ZlcmhlaWQwDwYDVR0T
-AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgYAGA1UdIwR5MHeAFAuG1g93o2ix
-+2QJw4huXAQcV+k9oVmkVzBVMQswCQYDVQQGEwJOTDEeMBwGA1UEChMVU3RhYXQg
-ZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g
-Um9vdCBDQYIEAJiaeTA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnBraW92
-ZXJoZWlkLm5sL0RvbU92TGF0ZXN0Q1JMLmNybDAdBgNVHQ4EFgQUvRaYQh2+kdE9
-wpcl4CjXWOC1f+IwDQYJKoZIhvcNAQEFBQADggEBAGhQsCWLiaN2EOhPAW+JQP6o
-XBOrLv5w6joahzBFVn1BiefzmlMKjibqKYxURRvMAsMkh82/MfL8V0w6ugxl81lu
-i42dcxl9cKSVXKMw4bbBzJ2VQI5HTIABwefeNuy/eX6idVwYdt3ajAH7fUA8Q9Cq
-vr6H8B+8mwoEqTVTEVlCSsC/EXsokYEUr06PPzRudKjDmijgj7zFaIioZNc8hk7g
-ufEgrs/tmcNGylrwRHgCXjCRBt2NHlZ08l7A1AGU8HcHlSbG9Un/2q9kVHUkps0D
-gtUaEK+x6jpAu/R8Ojezu/+ZEcwwjI/KOhG+84+ejFmtyEkrUdsAdEdLf/2dKsw=
------END CERTIFICATE-----
-
-// Subject: EMAILADDRESS=info@diginotar.nl,
-//          CN=DigiNotar Services 1024 CA
-//          O=DigiNotar, C=NL
-// Issuer:  CN=Entrust.net Secure Server Certification Authority,
-//          OU=(c) 1999 Entrust.net Limited,
-//          OU=www.entrust.net/CPS incorp. by ref. (limits liab.),
-//          O=Entrust.net,
-//          C=US
-// Serial:  1184640176 (46:9c:2c:b0)
------BEGIN CERTIFICATE-----
-MIIDzTCCAzagAwIBAgIERpwssDANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
-ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
-KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
-ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3
-MjYxNTU5MDBaFw0xMzA4MjYxNjI5MDBaMGgxCzAJBgNVBAYTAk5MMRIwEAYDVQQK
-EwlEaWdpTm90YXIxIzAhBgNVBAMTGkRpZ2lOb3RhciBTZXJ2aWNlcyAxMDI0IENB
-MSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCBnzANBgkqhkiG9w0B
-AQEFAAOBjQAwgYkCgYEA2ptNXTz50eKLxsYIIMXZHkjsZlhneWIrQWP0iY1o2q+4
-lDaLGSSkoJPSmQ+yrS01Tc0vauH5mxkrvAQafi09UmTN8T5nD4ku6PJPrqYIoYX+
-oakJ5sarPkP8r3oDkdqmOaZh7phPGKjTs69mgumfvN1y+QYEvRLZGCTnq5NTi1kC
-AwEAAaOCASYwggEiMBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYB
-BQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwMwYI
-KwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l
-dDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L3NlcnZl
-cjEuY3JsMB0GA1UdDgQWBBT+3JRJDG/vXH/G8RKZTxZJrfuCZTALBgNVHQ8EBAMC
-AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowGQYJKoZIhvZ9B0EA
-BAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQADgYEAY3RqN6k/lpxmyFisCcnv
-9WWUf6MCxDgxvV0jh+zUVrLJsm7kBQb87PX6iHBZ1O7m3bV6oKNgLwIMq94SXa/w
-NUuqikeRGvWFLELHHe+VQ7NeuJWTpdrFKKqtci0xrZlrbP+MISevrZqRK8fdWMNu
-B8WfedLHjFW/TMcnXlEWKz4=
------END CERTIFICATE-----
-
-// Subject: CN=Buster Paper Comercial Ltda,
-//          O=Buster Paper Comercial Ltda,
-//          L=S?o Jos? Dos Campos,
-//          ST=S?o Paulo,
-//          C=BR
-// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
-//          OU=www.digicert.com,
-//          O=DigiCert Inc,
-//          C=US
-// Serial:  07:b4:4c:db:ff:fb:78:de:05:f4:26:16:72:a6:73:12
------BEGIN CERTIFICATE-----
-MIIGwzCCBaugAwIBAgIQB7RM2//7eN4F9CYWcqZzEjANBgkqhkiG9w0BAQUFADBv
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
-ZGUgU2lnbmluZyBDQS0xMB4XDTEzMDExNzAwMDAwMFoXDTE0MDEyMjEyMDAwMFow
-gY4xCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMR4wHAYDVQQHDBVT
-w6NvIEpvc8OpIERvcyBDYW1wb3MxJDAiBgNVBAoTG0J1c3RlciBQYXBlciBDb21l
-cmNpYWwgTHRkYTEkMCIGA1UEAxMbQnVzdGVyIFBhcGVyIENvbWVyY2lhbCBMdGRh
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0l6jWIpEfO2oUpVHpL
-HETj5lzivNb0S9jKHgGJax917czh81PnGTxwxFXd6gLJuy/XFHvmiSi8g8jzlymn
-2Ji5zQ3CPaz7nomJokSUDlMVJ2qYWtctw4jrdjuI4qtn+koXXUFkWjkf8h8251I4
-tUs7S49HE2Go5owCYP3byajj7fsFAYR/Xb7TdVtndkZsUB/YgOjHovyACjouaNCi
-mDiRyQ6zLLjZGiyeD65Yiseuhp5b8/BL5h1p7w76QYMYMVQNAdtDKut2R8MBpuWf
-Ny7Eoi0x/gm1p9X5Rcl5aN7K0G4UtTAJKbkuUfXddsyFoM0Nx8uo8SgNQ8Y/X5Jx
-BwIDAQABo4IDOTCCAzUwHwYDVR0jBBgwFoAUe2jOKarAF75JeuHlP9an90WPNTIw
-HQYDVR0OBBYEFFLZ3n5nt/Eer7n1bvtOqMb1qKO5MA4GA1UdDwEB/wQEAwIHgDAT
-BgNVHSUEDDAKBggrBgEFBQcDAzBzBgNVHR8EbDBqMDOgMaAvhi1odHRwOi8vY3Js
-My5kaWdpY2VydC5jb20vYXNzdXJlZC1jcy0yMDExYS5jcmwwM6AxoC+GLWh0dHA6
-Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9hc3N1cmVkLWNzLTIwMTFhLmNybDCCAcQGA1Ud
-IASCAbswggG3MIIBswYJYIZIAYb9bAMBMIIBpDA6BggrBgEFBQcCARYuaHR0cDov
-L3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsG
-AQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABD
-AGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABh
-AGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQBy
-AHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBn
-ACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABs
-AGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABp
-AG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBl
-AGYAZQByAGUAbgBjAGUALjCBggYIKwYBBQUHAQEEdjB0MCQGCCsGAQUFBzABhhho
-dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTAYIKwYBBQUHMAKGQGh0dHA6Ly9jYWNl
-cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRENvZGVTaWduaW5nQ0Et
-MS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPTTQvpOIikXI
-hTLnNbajaFRR5GhQpTzUNgBfF9VYSlNw/wMjpGsrh5RxaJCip52jbehmTgjMRhft
-jRYyml44PAVsCcR9uEoDpCZYpI1fHI1R+F8jd1C9rqprbSwwOG4xlg4SmvTHYs6e
-gBItQ/1p9XY+Sf4Wv1qOuOFL1qvV/5VyR2zdlOQCmKCeMgxt6a/tHLBDiAA67D44
-/vfdoNJl0CU2It0PO60jdCPFNWIRcxL+OSDqAoePeUC7xQ+JsTEIxuUE8+d6w6fc
-BV2mYb1flh22t46GLjh4gyo7xw3aL6L0L0jzlTT6IcEw6NIbaPbIKj/npQnHobYj
-XMuKLxbh7g==
------END CERTIFICATE-----
-
-// Subject: CN=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
-//          O=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME,
-//          L=S?o Paulo,
-//          ST=S?o Paulo,
-//          C=BR
-// Issuer:  CN=DigiCert Assured ID Code Signing CA-1,
-//          OU=www.digicert.com,
-//          O=DigiCert Inc,
-//          C=US
-// Serial:  0a:38:9b:95:ee:73:6d:d1:3b:c0:ed:74:3f:d7:4d:2f
------BEGIN CERTIFICATE-----
-MIIG4DCCBcigAwIBAgIQCjible5zbdE7wO10P9dNLzANBgkqhkiG9w0BAQUFADBv
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv
-ZGUgU2lnbmluZyBDQS0xMB4XDTEyMTEwOTAwMDAwMFoXDTEzMTExNDEyMDAwMFow
-gasxCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMRMwEQYDVQQHDApT
-w6NvIFBhdWxvMTgwNgYDVQQKEy9CVVNURVIgQVNTSVNURU5DSUEgVEVDTklDQSBF
-TEVUUk9OSUNBIExUREEgLSBNRTE4MDYGA1UEAxMvQlVTVEVSIEFTU0lTVEVOQ0lB
-IFRFQ05JQ0EgRUxFVFJPTklDQSBMVERBIC0gTUUwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQDAqNeEs5/B2CTXGjTOkUIdu6jV6qulOZwdw4sefHWYj1UR
-4z6zPk9kjpUgbnb402RFq88QtfInwddZ/wXn9OxMtDd/3TnC7HrhNS7ga79ZFL2V
-JnmzKHum2Yvh0q82QEJ9tHBR2X9VdKpUIH08Zs3k6cWWM1H0YX0cxA/HohhesQJW
-kwJ3urOIJiH/HeByDk8a1NS8safcCxk5vxvW4WvCg43iT09LeHY5Aa8abKw8lqVb
-0tD5ZSIjdmdj3TT1U37iAHLLRM2DXbxfdbhouUX1c5U1ZHAMA67HwjKiseOiDaHj
-NUGbC37C+cgbc9VVM/cURD8WvS0Kj6fQv7F2QtJDAgMBAAGjggM5MIIDNTAfBgNV
-HSMEGDAWgBR7aM4pqsAXvkl64eU/1qf3RY81MjAdBgNVHQ4EFgQU88EXKAyDsh30
-o9+Gu9a4xUy+FSMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMD
-MHMGA1UdHwRsMGowM6AxoC+GLWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9hc3N1
-cmVkLWNzLTIwMTFhLmNybDAzoDGgL4YtaHR0cDovL2NybDQuZGlnaWNlcnQuY29t
-L2Fzc3VyZWQtY3MtMjAxMWEuY3JsMIIBxAYDVR0gBIIBuzCCAbcwggGzBglghkgB
-hv1sAwEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9z
-c2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4A
-eQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQA
-ZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUA
-IABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAA
-YQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcA
-cgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIA
-aQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQA
-ZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMIGC
-BggrBgEFBQcBAQR2MHQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
-LmNvbTBMBggrBgEFBQcwAoZAaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp
-Z2lDZXJ0QXNzdXJlZElEQ29kZVNpZ25pbmdDQS0xLmNydDAMBgNVHRMBAf8EAjAA
-MA0GCSqGSIb3DQEBBQUAA4IBAQAei1QmiXepje8OIfo/WonD4MIXgpPr2dfRaquQ
-A8q63OpTRSveyqdQDCSPpDRF/nvO1Y30yksZvIH1tNBsW5LBdxAKN3lFdBlqBwtE
-Q3jHc0KVVYRJ0FBaGE/PJHmRajscdAhYIcMPhTga0u0tDK+wOHEq3993dfl6yHjA
-XHU2iW5pnk75ZoE39zALD5eKXT8ZXrET5c3XUFJKWA+XuGmdmyzqo0Au49PanBv9
-UlZnabYfqoMArqMS0tGSX4cGgi9/2E+pHG9BX4sFW+ZDumroOA2pxyMWEKjxePEL
-zCOfhbsRWdMLYepauaNZOIMZXmFwcrIl0TGMkTAtATz+XmZc
------END CERTIFICATE-----
-
-// Subject: CN=CLEARESULT CONSULTING INC., OU=Corporate IT,
-//          O=CLEARESULT CONSULTING INC., L=Austin, ST=TX, C=US
-// Issuer:  SERIALNUMBER=07969287,
-//          CN=Go Daddy Secure Certification Authority,
-//          OU=http://certificates.godaddy.com/repository,
-//          O="GoDaddy.com, Inc.",
-//          L=Scottsdale,
-//          ST=Arizona,
-//          C=US
-// Serial:  2b:73:43:2a:a8:4f:44
------BEGIN CERTIFICATE-----
-MIIFYjCCBEqgAwIBAgIHK3NDKqhPRDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE
-BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY
-BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm
-aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5
-IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky
-ODcwHhcNMTIwMjE1MjEwOTA2WhcNMTQwMjE1MjEwOTA2WjCBjDELMAkGA1UEBgwC
-VVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xIzAhBgNVBAoMGkNMRUFS
-RVNVTFQgQ09OU1VMVElORyBJTkMuMRUwEwYDVQQLDAxDb3Jwb3JhdGUgSVQxIzAh
-BgNVBAMMGkNMRUFSRVNVTFQgQ09OU1VMVElORyBJTkMuMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAtIOjCKeAicull+7ZIzt0/4ya3IeXUFlfypqKMLkU
-IbKjn0P5uMj6VE3rlbZr44RCegxvdnR6umBh1c0ZXoN3o+yc0JKcKcLiApmJJ277
-p7IbLwYDhBXRQNoIJm187IOMRPIxsKN4hL91txn9jGBmW+9zKlJlNhR5R7vjwU2E
-jrH/6oqsc9EM2yYpfjlNv6+3jSwAYZCkSWr+27PQOV+YHKmIxtJjX0upFz5FdIrV
-9CCX+L2Kji1THOkSgG4QTbYxmEcHqGViWz8hXLeNXjcbEsPuIiAu3hknxRHfUTE/
-U0Lh0Ug1e3LrJu+WnxM2SmUY4krsZ22c0yWUW9hzWITIjQIDAQABo4IBhzCCAYMw
-DwYDVR0TAQH/BAUwAwEBADATBgNVHSUEDDAKBggrBgEFBQcDAzAOBgNVHQ8BAf8E
-BAMCB4AwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5LmNvbS9n
-ZHM1LTE2LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcCMDkwNwYIKwYBBQUH
-AgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8w
-gYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRk
-eS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku
-Y29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSMEGDAWgBT9
-rGEyk2xF1uLuhV+auud2mWjM5zAdBgNVHQ4EFgQUDtdeKqeN2QkcbEp1HovFieNB
-XiowDQYJKoZIhvcNAQEFBQADggEBAD74Agw5tvi2aBl4/f/s7/VE/BClzDsKMb9K
-v9qpeC45ZA/jelxV11HKbQnVF194gDb7D2H9OsAsRUy8HVKbXEcc/8dKvwOqb+BC
-2i/EmfjLgmCfezNFtLq8xcPxF3zIRc44vPrK0z4YZsaHdH+yTEJ51p5EMdTqaLaP
-4n5m8LX3RfqlQB9dYFe6dUoYZjKm9d/pIRww3VqfOzjl42Edi1w6dWmBVMx1NZuR
-DBabJH1vJ9Gd+KwxMCmBZ6pQPl28JDimhJhI2LNqU349uADQVV0HJosddN/ARyyI
-LSIQO7BnNVKVG9Iujf33bvPNeg0qNz5qw+rKKq97Pqeum+L5oKU=
------END CERTIFICATE-----
--- a/src/share/lib/security/java.policy	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/lib/security/java.policy	Wed Jul 16 15:12:24 2014 -0700
@@ -26,15 +26,36 @@
 };
 
 grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
-        permission java.security.AllPermission;
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+        permission java.lang.RuntimePermission "loadLibrary.sunec";
+        permission java.util.PropertyPermission "*", "read";
+        permission java.security.SecurityPermission "putProviderProperty.SunEC";
+        permission java.security.SecurityPermission "clearProviderProperties.SunEC";
+        permission java.security.SecurityPermission "removeProviderProperty.SunEC";
 };
 
 grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
-        permission java.security.AllPermission;
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.misc";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+        permission java.util.PropertyPermission "*", "read";
+        permission java.security.SecurityPermission "putProviderProperty.SunJCE";
+        permission java.security.SecurityPermission "clearProviderProperties.SunJCE";
+        permission java.security.SecurityPermission "removeProviderProperty.SunJCE";
 };
 
 grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
-        permission java.security.AllPermission;
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
+        permission java.lang.RuntimePermission "loadLibrary.j2pkcs11";
+        // needs "security.pkcs11.allowSingleThreadedModules"
+        permission java.util.PropertyPermission "*", "read";
+        permission java.security.SecurityPermission "putProviderProperty.*";
+        permission java.security.SecurityPermission "clearProviderProperties.*";
+        permission java.security.SecurityPermission "removeProviderProperty.*";
+        permission java.security.SecurityPermission "getProperty.auth.login.defaultCallbackHandler";
+        permission java.security.SecurityPermission "authProvider.*";
+        // Needed for reading PKCS11 config file and NSS library check
+        permission java.io.FilePermission "<<ALL FILES>>", "read";
 };
 
 // default permissions granted to all domains
--- a/src/share/lib/security/java.security-linux	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/lib/security/java.security-linux	Wed Jul 16 15:12:24 2014 -0700
@@ -209,8 +209,8 @@
                org.jcp.xml.dsig.internal.,\
                jdk.internal.,\
                jdk.nashorn.internal.,\
-               jdk.nashorn.tools.
-
+               jdk.nashorn.tools.,\
+               com.sun.activation.registries.
 
 #
 # List of comma-separated packages that start with or equal this string
@@ -255,8 +255,8 @@
                    org.jcp.xml.dsig.internal.,\
                    jdk.internal.,\
                    jdk.nashorn.internal.,\
-                   jdk.nashorn.tools.
-
+                   jdk.nashorn.tools.,\
+                   com.sun.activation.registries.
 
 #
 # Determines whether this properties file can be appended to
--- a/src/share/lib/security/java.security-macosx	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/lib/security/java.security-macosx	Wed Jul 16 15:12:24 2014 -0700
@@ -211,6 +211,7 @@
                jdk.internal.,\
                jdk.nashorn.internal.,\
                jdk.nashorn.tools.,\
+               com.sun.activation.registries.,\
                apple.
 
 #
@@ -257,6 +258,7 @@
                    jdk.internal.,\
                    jdk.nashorn.internal.,\
                    jdk.nashorn.tools.,\
+                   com.sun.activation.registries.,\
                    apple.
 
 #
--- a/src/share/lib/security/java.security-solaris	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/lib/security/java.security-solaris	Wed Jul 16 15:12:24 2014 -0700
@@ -211,7 +211,8 @@
                org.jcp.xml.dsig.internal.,\
                jdk.internal.,\
                jdk.nashorn.internal.,\
-               jdk.nashorn.tools.
+               jdk.nashorn.tools.,\
+               com.sun.activation.registries.
 
 #
 # List of comma-separated packages that start with or equal this string
@@ -256,7 +257,8 @@
                    org.jcp.xml.dsig.internal.,\
                    jdk.internal.,\
                    jdk.nashorn.internal.,\
-                   jdk.nashorn.tools.
+                   jdk.nashorn.tools.,\
+                   com.sun.activation.registries.
 
 #
 # Determines whether this properties file can be appended to
--- a/src/share/lib/security/java.security-windows	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/lib/security/java.security-windows	Wed Jul 16 15:12:24 2014 -0700
@@ -211,6 +211,7 @@
                jdk.internal.,\
                jdk.nashorn.internal.,\
                jdk.nashorn.tools.,\
+               com.sun.activation.registries.,\
                com.sun.java.accessibility.
 
 #
@@ -257,6 +258,7 @@
                    jdk.internal.,\
                    jdk.nashorn.internal.,\
                    jdk.nashorn.tools.,\
+                   com.sun.activation.registries.,\
                    com.sun.java.accessibility.
 
 #
--- a/src/share/native/com/sun/java/util/jar/pack/defines.h	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/native/com/sun/java/util/jar/pack/defines.h	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -79,6 +79,7 @@
 #define ERROR_RESOURCE  "Cannot extract resource file"
 #define ERROR_OVERFLOW  "Internal buffer overflow"
 #define ERROR_INTERNAL  "Internal error"
+#define ERROR_INIT      "cannot init class members"
 
 #define LOGFILE_STDOUT "-"
 #define LOGFILE_STDERR ""
--- a/src/share/native/com/sun/java/util/jar/pack/jni.cpp	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/native/com/sun/java/util/jar/pack/jni.cpp	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -56,6 +56,45 @@
 
 #define THROW_IOE(x) JNU_ThrowIOException(env,x)
 
+#define CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(CERVTI_exception, CERVTI_message) \
+    do { \
+        if ((env)->ExceptionOccurred()) { \
+            THROW_IOE(CERVTI_message); \
+            return; \
+        } \
+        if ((CERVTI_exception) == NULL) { \
+                THROW_IOE(CERVTI_message); \
+                return; \
+        } \
+    } while (JNI_FALSE)
+
+
+#define CHECK_EXCEPTION_RETURN_VALUE(CERL_exception, CERL_return_value) \
+    do { \
+        if ((env)->ExceptionOccurred()) { \
+            return CERL_return_value; \
+        } \
+        if ((CERL_exception) == NULL) { \
+            return CERL_return_value; \
+        } \
+    } while (JNI_FALSE)
+
+
+// If these useful macros aren't defined in jni_util.h then define them here
+#ifndef CHECK_NULL_RETURN
+#define CHECK_NULL_RETURN(x, y) \
+    do { \
+        if ((x) == NULL) return (y); \
+    } while (JNI_FALSE)
+#endif
+
+#ifndef CHECK_EXCEPTION_RETURN
+#define CHECK_EXCEPTION_RETURN(env, y) \
+    do { \
+        if ((*env)->ExceptionCheck(env)) return (y); \
+    } while (JNI_FALSE)
+#endif
+
 static jlong read_input_via_jni(unpacker* self,
                                 void* buf, jlong minlen, jlong maxlen);
 
@@ -92,9 +131,11 @@
   vm->GetEnv(&envRaw, JNI_VERSION_1_1);
   JNIEnv* env = (JNIEnv*) envRaw;
   //fprintf(stderr, "get_unpacker() env=%p\n", env);
-  if (env == null)
-    return null;
+  CHECK_NULL_RETURN(env, NULL);
   jobject pObj = env->CallStaticObjectMethod(NIclazz, currentInstMID);
+  // We should check upon the known non-null variable because here we want to check
+  // only for pending exceptions. If pObj is null we'll deal with it later.
+  CHECK_EXCEPTION_RETURN_VALUE(env, NULL);
   //fprintf(stderr, "get_unpacker0() pObj=%p\n", pObj);
   if (pObj != null) {
     // Got pObj and env; now do it the easy way.
@@ -137,20 +178,20 @@
   while( dbg != null) { sleep(10); }
 #endif
   NIclazz = (jclass) env->NewGlobalRef(clazz);
+
   unpackerPtrFID = env->GetFieldID(clazz, "unpackerPtr", "J");
+  CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(unpackerPtrFID, ERROR_INIT);
+
   currentInstMID = env->GetStaticMethodID(clazz, "currentInstance",
                                           "()Ljava/lang/Object;");
+  CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(currentInstMID, ERROR_INIT);
+
   readInputMID = env->GetMethodID(clazz, "readInputFn",
                                   "(Ljava/nio/ByteBuffer;J)J");
+  CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(readInputMID, ERROR_INIT);
+
   getUnpackerPtrMID = env->GetMethodID(clazz, "getUnpackerPtr", "()J");
-
-  if (unpackerPtrFID == null ||
-      currentInstMID == null ||
-      readInputMID == null ||
-      NIclazz == null ||
-      getUnpackerPtrMID == null) {
-    THROW_IOE("cannot init class members");
-  }
+  CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(getUnpackerPtrMID, ERROR_INIT);
 }
 
 JNIEXPORT jlong JNICALL
@@ -160,9 +201,7 @@
   // valid object pointers and env is intact, if not now is good time to bail.
   unpacker* uPtr = get_unpacker();
   //fprintf(stderr, "start(%p) uPtr=%p initializing\n", pObj, uPtr);
-  if (uPtr == null) {
-      return -1;
-  }
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, -1);
   // redirect our io to the default log file or whatever.
   uPtr->redirect_stdio();
 
@@ -200,6 +239,7 @@
                                          jobjectArray pParts) {
 
   unpacker* uPtr = get_unpacker(env, pObj);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, false);
   unpacker::file* filep = uPtr->get_next_file();
 
   if (uPtr->aborting()) {
@@ -207,32 +247,38 @@
     return false;
   }
 
-  if (filep == null) {
-    return false;   // end of the sequence
-  }
+  CHECK_NULL_RETURN(filep, false);
   assert(filep == &uPtr->cur_file);
 
   int pidx = 0, iidx = 0;
   jintArray pIntParts = (jintArray) env->GetObjectArrayElement(pParts, pidx++);
+  CHECK_EXCEPTION_RETURN_VALUE(pIntParts, false);
   jint*     intParts  = env->GetIntArrayElements(pIntParts, null);
   intParts[iidx++] = (jint)( (julong)filep->size >> 32 );
   intParts[iidx++] = (jint)( (julong)filep->size >>  0 );
   intParts[iidx++] = filep->modtime;
   intParts[iidx++] = filep->deflate_hint() ? 1 : 0;
   env->ReleaseIntArrayElements(pIntParts, intParts, JNI_COMMIT);
-
-  env->SetObjectArrayElement(pParts, pidx++, env->NewStringUTF(filep->name));
-
+  jstring filename = env->NewStringUTF(filep->name);
+  CHECK_EXCEPTION_RETURN_VALUE(filename, false);
+  env->SetObjectArrayElement(pParts, pidx++, filename);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, false);
   jobject pDataBuf = null;
-  if (filep->data[0].len > 0)
+  if (filep->data[0].len > 0) {
     pDataBuf = env->NewDirectByteBuffer(filep->data[0].ptr,
                                         filep->data[0].len);
+    CHECK_EXCEPTION_RETURN_VALUE(pDataBuf, false);
+  }
   env->SetObjectArrayElement(pParts, pidx++, pDataBuf);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, false);
   pDataBuf = null;
-  if (filep->data[1].len > 0)
+  if (filep->data[1].len > 0) {
     pDataBuf = env->NewDirectByteBuffer(filep->data[1].ptr,
                                         filep->data[1].len);
+    CHECK_EXCEPTION_RETURN_VALUE(pDataBuf, false);
+  }
   env->SetObjectArrayElement(pParts, pidx++, pDataBuf);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, false);
 
   return true;
 }
@@ -241,6 +287,7 @@
 JNIEXPORT jobject JNICALL
 Java_com_sun_java_util_jar_pack_NativeUnpack_getUnusedInput(JNIEnv *env, jobject pObj) {
   unpacker* uPtr = get_unpacker(env, pObj);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, NULL);
   unpacker::file* filep = &uPtr->cur_file;
 
   if (uPtr->aborting()) {
@@ -263,7 +310,7 @@
 JNIEXPORT jlong JNICALL
 Java_com_sun_java_util_jar_pack_NativeUnpack_finish(JNIEnv *env, jobject pObj) {
   unpacker* uPtr = get_unpacker(env, pObj, false);
-  if (uPtr == null)  return 0;
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, NULL);
   size_t consumed = uPtr->input_consumed();
   free_unpacker(env, pObj, uPtr);
   return consumed;
@@ -274,7 +321,9 @@
                                        jstring pProp, jstring pValue) {
   unpacker*   uPtr  = get_unpacker(env, pObj);
   const char* prop  = env->GetStringUTFChars(pProp, JNI_FALSE);
+  CHECK_EXCEPTION_RETURN_VALUE(prop, false);
   const char* value = env->GetStringUTFChars(pValue, JNI_FALSE);
+  CHECK_EXCEPTION_RETURN_VALUE(value, false);
   jboolean   retval = uPtr->set_option(prop, value);
   env->ReleaseStringUTFChars(pProp,  prop);
   env->ReleaseStringUTFChars(pValue, value);
@@ -286,9 +335,11 @@
                                        jstring pProp) {
 
   unpacker*   uPtr  = get_unpacker(env, pObj);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, NULL);
   const char* prop  = env->GetStringUTFChars(pProp, JNI_FALSE);
+  CHECK_EXCEPTION_RETURN_VALUE(prop, NULL);
   const char* value = uPtr->get_option(prop);
+  CHECK_EXCEPTION_RETURN_VALUE(value, NULL);
   env->ReleaseStringUTFChars(pProp, prop);
-  if (value == null)  return null;
   return env->NewStringUTF(value);
 }
--- a/src/share/native/common/check_code.c	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/native/common/check_code.c	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1357,16 +1357,9 @@
                 }
                 (*env)->DeleteLocalRef(env, super);
 
-                /* The optimizer make cause this to happen on local code */
+                /* The optimizer may cause this to happen on local code */
                 if (not_found) {
-#ifdef BROKEN_JAVAC
-                    jobject loader = JVM_GetClassLoader(env, context->class);
-                    int has_loader = (loader != 0);
-                    (*env)->DeleteLocalRef(env, loader);
-                    if (has_loader)
-#endif /* BROKEN_JAVAC */
-                        CCerror(context,
-                                "Illegal use of nonvirtual function call");
+                    CCerror(context, "Illegal use of nonvirtual function call");
                 }
             }
         }
--- a/src/share/native/java/lang/Class.c	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/native/java/lang/Class.c	Wed Jul 16 15:12:24 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -45,7 +45,6 @@
 #define CLS "Ljava/lang/Class;"
 #define CPL "Lsun/reflect/ConstantPool;"
 #define STR "Ljava/lang/String;"
-#define JCL "Ljava/lang/ClassLoader;"
 #define FLD "Ljava/lang/reflect/Field;"
 #define MHD "Ljava/lang/reflect/Method;"
 #define CTR "Ljava/lang/reflect/Constructor;"
@@ -56,13 +55,11 @@
     {"getName0",         "()" STR,          (void *)&JVM_GetClassName},
     {"getSuperclass",    "()" CLS,          NULL},
     {"getInterfaces0",   "()[" CLS,         (void *)&JVM_GetClassInterfaces},
-    {"getClassLoader0",  "()" JCL,          (void *)&JVM_GetClassLoader},
     {"isInterface",      "()Z",             (void *)&JVM_IsInterface},
     {"getSigners",       "()[" OBJ,         (void *)&JVM_GetClassSigners},
     {"setSigners",       "([" OBJ ")V",     (void *)&JVM_SetClassSigners},
     {"isArray",          "()Z",             (void *)&JVM_IsArrayClass},
     {"isPrimitive",      "()Z",             (void *)&JVM_IsPrimitiveClass},
-    {"getComponentType", "()" CLS,          (void *)&JVM_GetComponentType},
     {"getModifiers",     "()I",             (void *)&JVM_GetClassModifiers},
     {"getDeclaredFields0","(Z)[" FLD,       (void *)&JVM_GetClassDeclaredFields},
     {"getDeclaredMethods0","(Z)[" MHD,      (void *)&JVM_GetClassDeclaredMethods},
@@ -81,7 +78,6 @@
 #undef OBJ
 #undef CLS
 #undef STR
-#undef JCL
 #undef FLD
 #undef MHD
 #undef CTR
--- a/src/share/native/java/lang/java_props.h	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/native/java/lang/java_props.h	Wed Jul 16 15:12:24 2014 -0700
@@ -117,7 +117,7 @@
 
     char *exceptionList;
 
-    char *awt_headless  /* java.awt.headless setting, if NULL (default) will not be set */
+    char *awt_headless;  /* java.awt.headless setting, if NULL (default) will not be set */
 #endif
 
 } java_props_t;
--- a/src/share/native/sun/awt/medialib/awt_ImagingLib.c	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/native/sun/awt/medialib/awt_ImagingLib.c	Wed Jul 16 15:12:24 2014 -0700
@@ -373,14 +373,14 @@
 
 
     /* Parse the source image */
-    if ((status = awt_parseImage(env, jsrc, &srcImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jsrc, &srcImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         free(dkern);
         return 0;
     }
 
     /* Parse the destination image */
-    if ((status = awt_parseImage(env, jdst, &dstImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jdst, &dstImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedImage(srcImageP, TRUE);
         free(dkern);
@@ -627,7 +627,7 @@
     }
 
     /* Parse the source raster */
-    if ((status = awt_parseRaster(env, jsrc, srcRasterP)) <= 0) {
+    if (awt_parseRaster(env, jsrc, srcRasterP) <= 0) {
         /* Can't handle any custom rasters */
         free(srcRasterP);
         free(dstRasterP);
@@ -636,7 +636,7 @@
     }
 
     /* Parse the destination raster */
-    if ((status = awt_parseRaster(env, jdst, dstRasterP)) <= 0) {
+    if (awt_parseRaster(env, jdst, dstRasterP) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedRaster(srcRasterP, TRUE);
         free(dstRasterP);
@@ -839,13 +839,13 @@
     (*env)->ReleasePrimitiveArrayCritical(env, jmatrix, matrix, JNI_ABORT);
 
     /* Parse the source image */
-    if ((status = awt_parseImage(env, jsrc, &srcImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jsrc, &srcImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         return 0;
     }
 
     /* Parse the destination image */
-    if ((status = awt_parseImage(env, jdst, &dstImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jdst, &dstImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedImage(srcImageP, TRUE);
         return 0;
@@ -1059,7 +1059,7 @@
     (*env)->ReleasePrimitiveArrayCritical(env, jmatrix, matrix, JNI_ABORT);
 
     /* Parse the source raster */
-    if ((status = awt_parseRaster(env, jsrc, srcRasterP)) <= 0) {
+    if (awt_parseRaster(env, jsrc, srcRasterP) <= 0) {
         /* Can't handle any custom rasters */
         free(srcRasterP);
         free(dstRasterP);
@@ -1067,7 +1067,7 @@
     }
 
     /* Parse the destination raster */
-    if ((status = awt_parseRaster(env, jdst, dstRasterP)) <= 0) {
+    if (awt_parseRaster(env, jdst, dstRasterP) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedRaster(srcRasterP, TRUE);
         free(dstRasterP);
@@ -1306,13 +1306,13 @@
     if (s_timeIt) (*start_timer)(3600);
 
     /* Parse the source image */
-    if ((status = awt_parseImage(env, jsrc, &srcImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jsrc, &srcImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         return 0;
     }
 
     /* Parse the destination image */
-    if ((status = awt_parseImage(env, jdst, &dstImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jdst, &dstImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedImage(srcImageP, TRUE);
         return 0;
@@ -1554,14 +1554,14 @@
     }
 
     /* Parse the source raster - reject custom images */
-    if ((status = awt_parseRaster(env, jsrc, srcRasterP)) <= 0) {
+    if (awt_parseRaster(env, jsrc, srcRasterP) <= 0) {
         free(srcRasterP);
         free(dstRasterP);
         return 0;
     }
 
     /* Parse the destination image - reject custom images */
-    if ((status = awt_parseRaster(env, jdst, dstRasterP)) <= 0) {
+    if (awt_parseRaster(env, jdst, dstRasterP) <= 0) {
         awt_freeParsedRaster(srcRasterP, TRUE);
         free(dstRasterP);
         return 0;
--- a/src/share/native/sun/font/freetypeScaler.c	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/native/sun/font/freetypeScaler.c	Wed Jul 16 15:12:24 2014 -0700
@@ -177,18 +177,10 @@
     if (numBytes > FILEDATACACHESIZE) {
         bBuffer = (*env)->NewDirectByteBuffer(env, destBuffer, numBytes);
         if (bBuffer != NULL) {
-            /* Loop until the read succeeds (or EOF).
-             * This should improve robustness in the event of a problem in
-             * the I/O system. If we find that we ever end up spinning here
-             * we are going to have to do some serious work to recover.
-             * Just returning without reading the data will cause a crash.
-             */
-            while (bread == 0) {
-                bread = (*env)->CallIntMethod(env,
-                                              scalerInfo->font2D,
-                                              sunFontIDs.ttReadBlockMID,
-                                              bBuffer, offset, numBytes);
-            }
+            bread = (*env)->CallIntMethod(env,
+                                          scalerInfo->font2D,
+                                          sunFontIDs.ttReadBlockMID,
+                                          bBuffer, offset, numBytes);
             return bread;
         } else {
             /* We probably hit bug bug 4845371. For reasons that
@@ -224,19 +216,10 @@
                  (offset + FILEDATACACHESIZE > scalerInfo->fileSize) ?
                  scalerInfo->fileSize - offset : FILEDATACACHESIZE;
         bBuffer = scalerInfo->directBuffer;
-        /* Loop until all the read succeeds (or EOF).
-         * This should improve robustness in the event of a problem in
-         * the I/O system. If we find that we ever end up spinning here
-         * we are going to have to do some serious work to recover.
-         * Just returning without reading the data will cause a crash.
-         */
-        while (bread == 0) {
-            bread = (*env)->CallIntMethod(env, scalerInfo->font2D,
-                                          sunFontIDs.ttReadBlockMID,
-                                          bBuffer, offset,
-                                          scalerInfo->fontDataLength);
-        }
-
+        bread = (*env)->CallIntMethod(env, scalerInfo->font2D,
+                                      sunFontIDs.ttReadBlockMID,
+                                      bBuffer, offset,
+                                      scalerInfo->fontDataLength);
         memcpy(destBuffer, scalerInfo->fontData, numBytes);
         return numBytes;
     }
--- a/src/share/native/sun/security/ec/ECC_JNI.cpp	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/share/native/sun/security/ec/ECC_JNI.cpp	Wed Jul 16 15:12:24 2014 -0700
@@ -66,22 +66,39 @@
         free(ecparams);
 }
 
+jbyteArray getEncodedBytes(JNIEnv *env, SECItem *hSECItem)
+{
+    SECItem *s = (SECItem *)hSECItem;
+
+    jbyteArray jEncodedBytes = env->NewByteArray(s->len);
+    if (jEncodedBytes == NULL) {
+        return NULL;
+    }
+    // Copy bytes from a native SECItem buffer to Java byte array
+    env->SetByteArrayRegion(jEncodedBytes, 0, s->len, (jbyte *)s->data);
+    if (env->ExceptionCheck()) { // should never happen
+        return NULL;
+    }
+    return jEncodedBytes;
+}
+
 /*
  * Class:     sun_security_ec_ECKeyPairGenerator
  * Method:    generateECKeyPair
- * Signature: (I[B[B)[J
+ * Signature: (I[B[B)[[B
  */
-JNIEXPORT jlongArray
+JNIEXPORT jobjectArray
 JNICALL Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair
   (JNIEnv *env, jclass clazz, jint keySize, jbyteArray encodedParams, jbyteArray seed)
 {
-    ECPrivateKey *privKey = NULL; /* contains both public and private values */
+    ECPrivateKey *privKey = NULL; // contains both public and private values
     ECParams *ecparams = NULL;
     SECKEYECParams params_item;
     jint jSeedLength;
     jbyte* pSeedBuffer = NULL;
-    jlongArray result = NULL;
-    jlong* resultElements = NULL;
+    jobjectArray result = NULL;
+    jclass baCls = NULL;
+    jbyteArray jba;
 
     // Initialize the ECParams struct
     params_item.len = env->GetArrayLength(encodedParams);
@@ -111,71 +128,62 @@
     }
 
     jboolean isCopy;
-    result = env->NewLongArray(2);
+    baCls = env->FindClass("[B");
+    if (baCls == NULL) {
+        goto cleanup;
+    }
+    result = env->NewObjectArray(2, baCls, NULL);
     if (result == NULL) {
         goto cleanup;
     }
-
-    resultElements = env->GetLongArrayElements(result, &isCopy);
-    if (resultElements == NULL) {
+    jba = getEncodedBytes(env, &(privKey->privateValue));
+    if (jba == NULL) {
+        result = NULL;
+        goto cleanup;
+    }
+    env->SetObjectArrayElement(result, 0, jba); // big integer
+    if (env->ExceptionCheck()) { // should never happen
+        result = NULL;
         goto cleanup;
     }
 
-    resultElements[0] = (jlong) &(privKey->privateValue); // private big integer
-    resultElements[1] = (jlong) &(privKey->publicValue); // encoded ec point
-
-    // If the array is a copy then we must write back our changes
-    if (isCopy == JNI_TRUE) {
-        env->ReleaseLongArrayElements(result, resultElements, 0);
+    jba = getEncodedBytes(env, &(privKey->publicValue));
+    if (jba == NULL) {
+        result = NULL;
+        goto cleanup;
+    }
+    env->SetObjectArrayElement(result, 1, jba); // encoded ec point
+    if (env->ExceptionCheck()) { // should never happen
+        result = NULL;
+        goto cleanup;
     }
 
 cleanup:
     {
-        if (params_item.data)
+        if (params_item.data) {
             env->ReleaseByteArrayElements(encodedParams,
                 (jbyte *) params_item.data, JNI_ABORT);
-
-        if (ecparams)
+        }
+        if (ecparams) {
             FreeECParams(ecparams, true);
-
+        }
         if (privKey) {
             FreeECParams(&privKey->ecParams, false);
             SECITEM_FreeItem(&privKey->version, B_FALSE);
-            // Don't free privKey->privateValue and privKey->publicValue
+            SECITEM_FreeItem(&privKey->privateValue, B_FALSE);
+            SECITEM_FreeItem(&privKey->publicValue, B_FALSE);
+            free(privKey);
         }
 
-        if (pSeedBuffer)
+        if (pSeedBuffer) {
             delete [] pSeedBuffer;
+        }
     }
 
     return result;
 }
 
 /*
- * Class:     sun_security_ec_ECKeyPairGenerator
- * Method:    getEncodedBytes
- * Signature: (J)[B
- */
-JNIEXPORT jbyteArray
-JNICALL Java_sun_security_ec_ECKeyPairGenerator_getEncodedBytes
-  (JNIEnv *env, jclass clazz, jlong hSECItem)
-{
-    SECItem *s = (SECItem *)hSECItem;
-    jbyteArray jEncodedBytes = env->NewByteArray(s->len);
-    if (jEncodedBytes == NULL) {
-        return NULL;
-    }
-
-    // Copy bytes from a native SECItem buffer to Java byte array
-    env->SetByteArrayRegion(jEncodedBytes, 0, s->len, (jbyte *)s->data);
-
-    // Use B_FALSE to free only the SECItem->data
-    SECITEM_FreeItem(s, B_FALSE);
-
-    return jEncodedBytes;
-}
-
-/*
  * Class:     sun_security_ec_ECDSASignature
  * Method:    signDigest
  * Signature: ([B[B[B[B)[B
@@ -258,21 +266,26 @@
 
 cleanup:
     {
-        if (params_item.data)
+        if (params_item.data) {
             env->ReleaseByteArrayElements(encodedParams,
                 (jbyte *) params_item.data, JNI_ABORT);
-
-        if (pDigestBuffer)
+        }
+        if (privKey.privateValue.data) {
+            env->ReleaseByteArrayElements(privateKey,
+                (jbyte *) privKey.privateValue.data, JNI_ABORT);
+        }
+        if (pDigestBuffer) {
             delete [] pDigestBuffer;
-
-        if (pSignedDigestBuffer)
+        }
+        if (pSignedDigestBuffer) {
             delete [] pSignedDigestBuffer;
-
-        if (pSeedBuffer)
+        }
+        if (pSeedBuffer) {
             delete [] pSeedBuffer;
-
-        if (ecparams)
+        }
+        if (ecparams) {
             FreeECParams(ecparams, true);
+        }
     }
 
     return jSignedDigest;
--- a/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java	Wed Jul 16 15:12:24 2014 -0700
@@ -77,8 +77,7 @@
 
     static {
         defaultDomain = java.security.AccessController.doPrivileged(
-            new sun.security.action.GetPropertyAction("http.auth.ntlm.domain",
-                                                      "domain"));
+            new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", ""));
     };
 
     public static boolean supportsTransparentAuth () {
@@ -100,17 +99,13 @@
             public String run() {
                 String localhost;
                 try {
-                    localhost = InetAddress.getLocalHost().getHostName().toUpperCase();
+                    localhost = InetAddress.getLocalHost().getHostName();
                 } catch (UnknownHostException e) {
                      localhost = "localhost";
                 }
                 return localhost;
             }
         });
-        int x = hostname.indexOf ('.');
-        if (x != -1) {
-            hostname = hostname.substring (0, x);
-        }
     };
 
     PasswordAuthentication pw;
--- a/src/solaris/native/java/lang/locale_str.h	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/solaris/native/java/lang/locale_str.h	Wed Jul 16 15:12:24 2014 -0700
@@ -135,7 +135,7 @@
     "sr_SP", "sr_YU",
     "tchinese", "zh_TW",
 #endif
-    ""
+    "", "",
  };
 
 /*
@@ -188,7 +188,7 @@
     "japanese", "ja",
     "korean", "ko",
 #endif
-    "",
+    "", "",
 };
 
 /*
@@ -201,7 +201,7 @@
     "iqtelif", "Latn",
     "latin", "Latn",
 #endif
-    "",
+    "", "",
 };
 
 /*
@@ -212,7 +212,7 @@
     "RN", "US", // used on Linux, not clear what it stands for
 #endif
     "YU", "CS", // YU has been removed from ISO 3166
-    "",
+    "", "",
 };
 
 /*
@@ -220,5 +220,5 @@
  */
 static char *variant_names[] = {
     "nynorsk", "NY",
-    "",
+    "", "",
 };
--- a/src/windows/bin/java_md.c	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/windows/bin/java_md.c	Wed Jul 16 15:12:24 2014 -0700
@@ -1306,6 +1306,14 @@
             /* save path length */
             jrePathLen = JLI_StrLen(libraryPath);
 
+            if (jrePathLen + JLI_StrLen("\\bin\\verify.dll") >= MAXPATHLEN) {
+              /* jre path is too long, the library path will not fit there;
+               * report and abort preloading
+               */
+              JLI_ReportErrorMessage(JRE_ERROR11);
+              break;
+            }
+
             /* load msvcrt 1st */
             LoadMSVCRT();
 
--- a/src/windows/classes/sun/awt/shell/Win32ShellFolder2.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/windows/classes/sun/awt/shell/Win32ShellFolder2.java	Wed Jul 16 15:12:24 2014 -0700
@@ -583,11 +583,18 @@
 
     // Needs to be accessible to Win32ShellFolderManager2
     static String getFileSystemPath(final int csidl) throws IOException, InterruptedException {
-        return invoke(new Callable<String>() {
+        String path = invoke(new Callable<String>() {
             public String call() throws IOException {
                 return getFileSystemPath0(csidl);
             }
         }, IOException.class);
+        if (path != null) {
+            SecurityManager security = System.getSecurityManager();
+            if (security != null) {
+                security.checkRead(path);
+            }
+        }
+        return path;
     }
 
     // NOTE: this method uses COM and must be called on the 'COM thread'. See ComInvoker for the details
--- a/src/windows/classes/sun/awt/shell/Win32ShellFolderManager2.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/windows/classes/sun/awt/shell/Win32ShellFolderManager2.java	Wed Jul 16 15:12:24 2014 -0700
@@ -136,6 +136,8 @@
         if (desktop == null) {
             try {
                 desktop = new Win32ShellFolder2(DESKTOP);
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (IOException e) {
                 // Ignore error
             } catch (InterruptedException e) {
@@ -149,6 +151,8 @@
         if (drives == null) {
             try {
                 drives = new Win32ShellFolder2(DRIVES);
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (IOException e) {
                 // Ignore error
             } catch (InterruptedException e) {
@@ -165,6 +169,8 @@
                 if (path != null) {
                     recent = createShellFolder(getDesktop(), new File(path));
                 }
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (InterruptedException e) {
                 // Ignore error
             } catch (IOException e) {
@@ -178,6 +184,8 @@
         if (network == null) {
             try {
                 network = new Win32ShellFolder2(NETWORK);
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (IOException e) {
                 // Ignore error
             } catch (InterruptedException e) {
@@ -201,6 +209,8 @@
                         personal.setIsPersonal();
                     }
                 }
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (InterruptedException e) {
                 // Ignore error
             } catch (IOException e) {
--- a/src/windows/classes/sun/awt/windows/WToolkit.java	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/windows/classes/sun/awt/windows/WToolkit.java	Wed Jul 16 15:12:24 2014 -0700
@@ -39,6 +39,7 @@
 import sun.awt.AppContext;
 import sun.awt.AWTAutoShutdown;
 import sun.awt.AWTPermissions;
+import sun.awt.AppContext;
 import sun.awt.LightweightFrame;
 import sun.awt.SunToolkit;
 import sun.awt.util.ThreadGroupUtils;
--- a/src/windows/lib/security/java.policy	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/windows/lib/security/java.policy	Wed Jul 16 15:12:24 2014 -0700
@@ -1,3 +1,8 @@
 grant codeBase "file:${java.home}/lib/ext/sunmscapi.jar" {
-        permission java.security.AllPermission;
+        Permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+        permission java.lang.RuntimePermission "loadLibrary.sunmscapi";
+        permission java.util.PropertyPermission "*", "read";
+        permission java.security.SecurityPermission "putProviderProperty.SunMSCAPI";
+        permission java.security.SecurityPermission "clearProviderProperties.SunMSCAPI";
+        permission java.security.SecurityPermission "removeProviderProperty.SunMSCAPI";
 };
--- a/src/windows/native/java/net/DualStackPlainDatagramSocketImpl.c	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/windows/native/java/net/DualStackPlainDatagramSocketImpl.c	Wed Jul 16 15:12:24 2014 -0700
@@ -467,7 +467,7 @@
  */
 JNIEXPORT void JNICALL Java_java_net_DualStackPlainDatagramSocketImpl_socketSetIntOption
   (JNIEnv *env, jclass clazz, jint fd , jint cmd, jint value) {
-    int level, opt;
+    int level = 0, opt = 0;
 
     if (NET_MapSocketOption(cmd, &level, &opt) < 0) {
         JNU_ThrowByNameWithLastError(env, JNU_JAVANETPKG "SocketException",
@@ -487,7 +487,7 @@
  */
 JNIEXPORT jint JNICALL Java_java_net_DualStackPlainDatagramSocketImpl_socketGetIntOption
   (JNIEnv *env, jclass clazz, jint fd, jint cmd) {
-    int level, opt, result=0;
+    int level = 0, opt = 0, result=0;
     int result_len = sizeof(result);
 
     if (NET_MapSocketOption(cmd, &level, &opt) < 0) {
--- a/src/windows/native/java/net/DualStackPlainSocketImpl.c	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/windows/native/java/net/DualStackPlainSocketImpl.c	Wed Jul 16 15:12:24 2014 -0700
@@ -367,8 +367,8 @@
 JNIEXPORT void JNICALL Java_java_net_DualStackPlainSocketImpl_setIntOption
   (JNIEnv *env, jclass clazz, jint fd, jint cmd, jint value) {
 
-    int level, opt;
-    struct linger linger;
+    int level = 0, opt = 0;
+    struct linger linger = {0, 0};
     char *parg;
     int arglen;
 
@@ -407,9 +407,9 @@
 JNIEXPORT jint JNICALL Java_java_net_DualStackPlainSocketImpl_getIntOption
   (JNIEnv *env, jclass clazz, jint fd, jint cmd) {
 
-    int level, opt;
+    int level = 0, opt = 0;
     int result=0;
-    struct linger linger;
+    struct linger linger = {0, 0};
     char *arg;
     int arglen;
 
--- a/src/windows/native/java/net/TwoStacksPlainDatagramSocketImpl.c	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/windows/native/java/net/TwoStacksPlainDatagramSocketImpl.c	Wed Jul 16 15:12:24 2014 -0700
@@ -335,6 +335,8 @@
     SOCKETADDRESS rmtaddr;
     int addrlen = sizeof(rmtaddr);
 
+    memset((char *)&rmtaddr, 0, sizeof(rmtaddr));
+
     /*
      * A no-op if this OS doesn't support it.
      */
@@ -431,9 +433,11 @@
     int ipv6_supported = ipv6_available();
 
     SOCKETADDRESS lcladdr;
-    int lcladdrlen;
+    int lcladdrlen = sizeof(lcladdr);
     int address;
 
+    memset((char *)&lcladdr, 0, sizeof(lcladdr));
+
     family = getInetAddress_family(env, addressObj);
     if (family == IPv6 && !ipv6_supported) {
         JNU_ThrowByName(env, JNU_JAVANETPKG "SocketException",
@@ -614,7 +618,7 @@
     }
     fd = (*env)->GetIntField(env, fdObj, IO_fd_fdID);
 
-    memset(&addr, 0, len);
+    memset((char *)&addr, 0, len);
     connect(fd, (struct sockaddr *)&addr, len);
 
     /*
@@ -622,7 +626,7 @@
      * to disable ICMP port unreachable handling here.
      */
     if (xp_or_later) {
-        DWORD x1, x2; /* ignored result codes */
+        DWORD x1 = 0, x2 = 0; /* ignored result codes */
         int t = FALSE;
         WSAIoctl(fd,SIO_UDP_CONNRESET,&t,sizeof(t),&x1,sizeof(x1),&x2,0,0);
     }
@@ -652,8 +656,9 @@
 
     SOCKETADDRESS rmtaddr;
     SOCKETADDRESS *addrp = &rmtaddr;
-    int addrlen;
+    int addrlen = 0;
 
+    memset((char *)&rmtaddr, 0, sizeof(rmtaddr));
 
     if (IS_NULL(packet)) {
         JNU_ThrowNullPointerException(env, "null packet");
@@ -1412,7 +1417,7 @@
     } else if (n < 0) {
         NET_ThrowCurrent(env, "Datagram receive failed");
     } else {
-        int port;
+        int port = 0;
         jobject packetAddress;
 
         /*
@@ -1791,11 +1796,11 @@
                                                       jint opt,jobject value) {
 
     int fd=-1, fd1=-1;
-    int levelv4, levelv6, optnamev4, optnamev6, optlen;
+    int levelv4 = 0, levelv6 = 0, optnamev4 = 0, optnamev6 = 0, optlen = 0;
     union {
         int i;
         char c;
-    } optval;
+    } optval = { 0 };
     int ipv6_supported = ipv6_available();
     fd = getFD(env, this);
 
@@ -2162,7 +2167,7 @@
     int level, optname, optlen;
     union {
         int i;
-    } optval;
+    } optval = {0};
     int ipv6_supported = ipv6_available();
 
     fd = getFD(env, this);
@@ -2413,12 +2418,15 @@
     struct ipv6_mreq mname6;
 
     struct in_addr in;
-    DWORD ifindex;
+    DWORD ifindex = 0;
 
     int len, family;
     int ipv6_supported = ipv6_available();
     int cmd ;
 
+    memset((char *)&in, 0, sizeof(in));
+    memset((char *)&name, 0, sizeof(name));
+
     if (IS_NULL(fdObj) && IS_NULL(fd1Obj)) {
         JNU_ThrowByName(env, JNU_JAVANETPKG "SocketException",
                         "Socket closed");
--- a/src/windows/native/java/net/TwoStacksPlainSocketImpl.c	Wed Jul 16 16:02:51 2014 +0400
+++ b/src/windows/native/java/net/TwoStacksPlainSocketImpl.c	Wed Jul 16 15:12:24 2014 -0700
@@ -207,6 +207,7 @@
 
     /* The result of the connection */
     int connect_res;
+    memset((char *)&him, 0, sizeof(him));
 
     if (!IS_NULL(fdObj)) {
         fd = (*env)->GetIntField(env, fdObj, IO_fd_fdID);
@@ -399,7 +400,7 @@
     /* fdObj is the FileDescriptor field on this */
     jobject fdObj, fd1Obj;
     /* fd is an int field on fdObj */
-    int fd, fd1, len;
+    int fd, fd1, len = 0;
     int ipv6_supported = ipv6_available();
 
     /* family is an int field of iaObj */
@@ -837,12 +838,13 @@
                                               jint cmd, jboolean on,
                                               jobject value) {
     int fd, fd1;
-    int level, optname, optlen;
+    int level = 0, optname = 0, optlen = 0;
     union {
         int i;
         struct linger ling;
     } optval;
 
+    memset((char *)&optval, 0, sizeof(optval));
     /*
      * Get SOCKET and check that it hasn't been closed
      */
@@ -1003,17 +1005,17 @@
                                               jint opt, jobject iaContainerObj) {
 
     int fd, fd1;
-    int level, optname, optlen;
+    int level = 0, optname = 0, optlen = 0;
     union {
         int i;
         struct linger ling;
     } optval;
-
     /*
      * Get SOCKET and check it hasn't been closed
      */
     fd = getFD(env, this);
     fd1 = getFD1(env, this);
+    memset((char *)&optval, 0, sizeof(optval));
 
     if (fd < 0 &&a