53 import sun.security.util.DerInputStream;

    53 import sun.security.util.DerInputStream;

    54 import sun.security.util.DerOutputStream;

    54 import sun.security.util.DerOutputStream;

    55 import sun.security.util.DerValue;

    55 import sun.security.util.DerValue;

    56 import sun.security.util.DisabledAlgorithmConstraints;

    56 import sun.security.util.DisabledAlgorithmConstraints;

    57 import sun.security.util.HexDumpEncoder;

    57 import sun.security.util.HexDumpEncoder;

    58 import sun.security.util.ObjectIdentifier;

    59 import sun.security.util.ObjectIdentifier;

    59 import sun.security.x509.AlgorithmId;

    60 import sun.security.x509.AlgorithmId;

    60 import sun.security.x509.X500Name;

    61 import sun.security.x509.X500Name;

    61 import sun.security.x509.KeyUsageExtension;

    62 import sun.security.x509.KeyUsageExtension;

    62 

    63 

   397             }

   398             }

   398 

   399 

   399             // check if the public key is restricted

   400             // check if the public key is restricted

   400             if (!JAR_DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) {

   401             if (!JAR_DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) {

   401                 throw new SignatureException("Public key check failed. " +

   402                 throw new SignatureException("Public key check failed. " +

   403             }

   406             }

   404 

   407 

   405             if (cert.hasUnsupportedCriticalExtension()) {

   408             if (cert.hasUnsupportedCriticalExtension()) {

   406                 throw new SignatureException("Certificate has unsupported "

   409                 throw new SignatureException("Certificate has unsupported "

   407                                              + "critical extension(s)");

   410                                              + "critical extension(s)");