private static collection getalternativenames(byte[] extval) throws certificateparsingexception {
    if (extval == null) {
      return null;
    }
    try {
      collection temp = new arraylist();
      enumeration it = asn1sequence.getinstance(extval).getobjects();
      while (it.hasmoreelements()) {
        generalname genname = generalname.getinstance(it.nextelement());
        list list = new arraylist();
        list.add(integers.valueof(genname.gettagno()));
        switch (genname.gettagno()) {
          case generalname.edipartyname:
          case generalname.x400address:
          case generalname.othername:
            list.add(genname.getencoded());
            break;
          case generalname.directoryname:
            list.add(x500name.getinstance(rfc4519style.instance, genname.getname()).tostring());
            break;
          case generalname.dnsname:
          case generalname.rfc822name:
          case generalname.uniformresourceidentifier:
            list.add(((asn1string) genname.getname()).getstring());
            break;
          case generalname.registeredid:
            list.add(asn1objectidentifier.getinstance(genname.getname()).getid());
            break;
          case generalname.ipaddress:
            byte[] addrbytes = deroctetstring.getinstance(genname.getname()).getoctets();
            final string addr;
            try {
              addr = inetaddress.getbyaddress(addrbytes).gethostaddress();
            } catch (unknownhostexception e) {
              continue;
            }
            list.add(addr);
            break;
          default:
            throw new ioexception("bad tag number: " + genname.gettagno());
        }

        temp.add(collections.unmodifiablelist(list));
      }
      if (temp.size() == 0) {
        return null;
      }
      return collections.unmodifiablecollection(temp);
    } catch (exception e) {
      throw new certificateparsingexception(e.getmessage());
    }
  }
  public list getextendedkeyusage() throws certificateparsingexception {
    byte[] bytes = this.getextensionbytes("2.5.29.37");

    if (bytes != null) {
      try {
        asn1inputstream din = new asn1inputstream(bytes);
        asn1sequence seq = (asn1sequence) din.readobject();
        list list = new arraylist();

        for (int i = 0; i != seq.size(); i++) {
          list.add(((asn1objectidentifier) seq.getobjectat(i)).getid());
        }

        return collections.unmodifiablelist(list);
      } catch (exception e) {
        throw new certificateparsingexception("error processing extended key usage extension");
      }
    }

    return null;
  }
 /**
  * adds an additional bouncy castle {@link store} to find crls, certificates, attribute
  * certificates or cross certificates.
  *
  * <p>you should not use this method. this method is used for adding additional x.509 stores,
  * which are used to add (remote) locations, e.g. ldap, found during x.509 object processing, e.g.
  * in certificates or crls. this method is used in pkix certification path processing.
  *
  * <p>if <code>store</code> is <code>null</code> it is ignored.
  *
  * @param store the store to add.
  * @see #getstores()
  */
 public void addadditionalstore(store store) {
   if (store != null) {
     additionalstores.add(store);
   }
 }
 /**
  * adds a bouncy castle {@link store} to find crls, certificates, attribute certificates or cross
  * certificates.
  *
  * <p>this method should be used to add local stores, like collection based x.509 stores, if
  * available. local stores should be considered first, before trying to use additional (remote)
  * locations, because they do not need possible additional network traffic.
  *
  * <p>if <code>store</code> is <code>null</code> it is ignored.
  *
  * @param store the store to add.
  * @see #getstores
  */
 public void addstore(store store) {
   if (store != null) {
     stores.add(store);
   }
 }