Add getSubjectAlternativeNames() to certificate JCE

Change-Id: I4a486878447111fa53d0d78ae9c2bf9365e154ed

3 files changed, 50 insertions, 6 deletions

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERT61String.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERT61String.java
index ee2979b..f023e7f 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/DERT61String.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERT61String.java
@@ -70,12 +70,16 @@ public class DERT61String
     public DERT61String(
         String   string)
     {
-        this.string = Strings.toByteArray(string);
+        // BEGIN android-changed
+        this.string = Strings.toUTF8ByteArray(string);
+        // END android-changed
     }
 
     public String getString()
     {
-        return Strings.fromByteArray(string);
+        // BEGIN android-changed
+        return Strings.fromUTF8ByteArray(string);
+        // END android-changed
     }
 
     public String toString()
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java
index e529836..ebd2343 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java
@@ -20,6 +20,9 @@ import java.security.cert.CertificateNotYetValidException;
 import java.security.cert.CertificateParsingException;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
+// BEGIN android-added
+import java.util.Collection;
+// END android-added
 import java.util.Collections;
 import java.util.Date;
 import java.util.Enumeration;
@@ -57,6 +60,9 @@ import org.bouncycastle.jce.X509Principal;
 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
 import org.bouncycastle.util.Arrays;
 import org.bouncycastle.util.encoders.Hex;
+// BEGIN android-added
+import org.bouncycastle.x509.extension.X509ExtensionUtil;
+// END android-added
 
 public class X509CertificateObject
     extends X509Certificate
@@ -823,4 +829,10 @@ public class X509CertificateObject
         
         return id1.getParameters().equals(id2.getParameters());
     }
+    // BEGIN android-added
+    public Collection<List<?>> getSubjectAlternativeNames() throws CertificateParsingException
+    {
+        return X509ExtensionUtil.getSubjectAlternativeNames(this);
+    }
+    // END android-added
 }
diff --git a/bcprov/src/main/java/org/bouncycastle/x509/extension/X509ExtensionUtil.java b/bcprov/src/main/java/org/bouncycastle/x509/extension/X509ExtensionUtil.java
index 048f31b..0a6a7c4 100644
--- a/bcprov/src/main/java/org/bouncycastle/x509/extension/X509ExtensionUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/x509/extension/X509ExtensionUtil.java
@@ -1,6 +1,10 @@
 package org.bouncycastle.x509.extension;
 
 import java.io.IOException;
+// BEGIN android-added
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+// END android-added
 import java.security.cert.CertificateParsingException;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
@@ -18,6 +22,9 @@ import org.bouncycastle.asn1.DERSequence;
 import org.bouncycastle.asn1.x500.X500Name;
 import org.bouncycastle.asn1.x509.GeneralName;
 import org.bouncycastle.asn1.x509.X509Extension;
+// BEGIN android-added
+import org.bouncycastle.asn1.x509.X509Name;
+// END android-added
 
 
 public class X509ExtensionUtil
@@ -52,7 +59,9 @@ public class X509ExtensionUtil
     {
         if (extVal == null)
         {
-            return Collections.EMPTY_LIST;
+            // BEGIN android-changed
+            return null;
+            // END android-changed
         }
         try
         {
@@ -70,10 +79,15 @@ public class X509ExtensionUtil
                 case GeneralName.ediPartyName:
                 case GeneralName.x400Address:
                 case GeneralName.otherName:
-                    list.add(genName.getName().toASN1Primitive());
+                    // BEGIN android-changed
+                    list.add(genName.getEncoded());
+                    // END android-changed
                     break;
                 case GeneralName.directoryName:
-                    list.add(X500Name.getInstance(genName.getName()).toString());
+                    // BEGIN android-changed
+                    list.add(X509Name.getInstance(genName.getName()).toString(true,
+                            X509Name.DefaultSymbols));
+                    // END android-changed
                     break;
                 case GeneralName.dNSName:
                 case GeneralName.rfc822Name:
@@ -84,7 +98,16 @@ public class X509ExtensionUtil
                     list.add(ASN1ObjectIdentifier.getInstance(genName.getName()).getId());
                     break;
                 case GeneralName.iPAddress:
-                    list.add(DEROctetString.getInstance(genName.getName()).getOctets());
+                    // BEGIN android-changed
+                    byte[] addrBytes = DEROctetString.getInstance(genName.getName()).getOctets();
+                    final String addr;
+                    try {
+                        addr = InetAddress.getByAddress(addrBytes).getHostAddress();
+                    } catch (UnknownHostException e) {
+                        continue;
+                    }
+                    list.add(addr);
+                    // END android-changed
                     break;
                 default:
                     throw new IOException("Bad tag number: " + genName.getTagNo());
@@ -92,6 +115,11 @@ public class X509ExtensionUtil
 
                 temp.add(list);
             }
+            // BEGIN android-added
+            if (temp.size() == 0) {
+                return null;
+            }
+            // END android-added
             return Collections.unmodifiableCollection(temp);
         }
         catch (Exception e)