private static collection getalternativenames(byte[] extval) throws certificateparsingexception {
if (extval == null) {
return null;
}
try {
collection temp = new arraylist();
enumeration it = asn1sequence.getinstance(extval).getobjects();
while (it.hasmoreelements()) {
generalname genname = generalname.getinstance(it.nextelement());
list list = new arraylist();
list.add(integers.valueof(genname.gettagno()));
switch (genname.gettagno()) {
case generalname.edipartyname:
case generalname.x400address:
case generalname.othername:
list.add(genname.getencoded());
break;
case generalname.directoryname:
list.add(x500name.getinstance(rfc4519style.instance, genname.getname()).tostring());
break;
case generalname.dnsname:
case generalname.rfc822name:
case generalname.uniformresourceidentifier:
list.add(((asn1string) genname.getname()).getstring());
break;
case generalname.registeredid:
list.add(asn1objectidentifier.getinstance(genname.getname()).getid());
break;
case generalname.ipaddress:
byte[] addrbytes = deroctetstring.getinstance(genname.getname()).getoctets();
final string addr;
try {
addr = inetaddress.getbyaddress(addrbytes).gethostaddress();
} catch (unknownhostexception e) {
continue;
}
list.add(addr);
break;
default:
throw new ioexception("bad tag number: " + genname.gettagno());
}
temp.add(collections.unmodifiablelist(list));
}
if (temp.size() == 0) {
return null;
}
return collections.unmodifiablecollection(temp);
} catch (exception e) {
throw new certificateparsingexception(e.getmessage());
}
}
public list getextendedkeyusage() throws certificateparsingexception {
byte[] bytes = this.getextensionbytes("2.5.29.37");
if (bytes != null) {
try {
asn1inputstream din = new asn1inputstream(bytes);
asn1sequence seq = (asn1sequence) din.readobject();
list list = new arraylist();
for (int i = 0; i != seq.size(); i++) {
list.add(((asn1objectidentifier) seq.getobjectat(i)).getid());
}
return collections.unmodifiablelist(list);
} catch (exception e) {
throw new certificateparsingexception("error processing extended key usage extension");
}
}
return null;
}
/**
* adds an additional bouncy castle {@link store} to find crls, certificates, attribute
* certificates or cross certificates.
*
* <p>you should not use this method. this method is used for adding additional x.509 stores,
* which are used to add (remote) locations, e.g. ldap, found during x.509 object processing, e.g.
* in certificates or crls. this method is used in pkix certification path processing.
*
* <p>if <code>store</code> is <code>null</code> it is ignored.
*
* @param store the store to add.
* @see #getstores()
*/
public void addadditionalstore(store store) {
if (store != null) {
additionalstores.add(store);
}
}
/**
* adds a bouncy castle {@link store} to find crls, certificates, attribute certificates or cross
* certificates.
*
* <p>this method should be used to add local stores, like collection based x.509 stores, if
* available. local stores should be considered first, before trying to use additional (remote)
* locations, because they do not need possible additional network traffic.
*
* <p>if <code>store</code> is <code>null</code> it is ignored.
*
* @param store the store to add.
* @see #getstores
*/
public void addstore(store store) {
if (store != null) {
stores.add(store);
}
}