+ for (RDN r : parsed.getSubjectName().rdns()) {
+ for (AVA a : r.avas()) {
+ if (a.getObjectIdentifier().equals((Object) PKCS9Attribute.EMAIL_ADDRESS_OID)) {
+ SANs.add(new SubjectAlternateName(SANType.EMAIL, a.getValueString()));
+ } else if (a.getObjectIdentifier().equals((Object) X500Name.commonName_oid)) {
+ CN = a.getValueString();
+ }
+ }
+ }
+
+ for (Extension c : ((CertificateExtensions) b.getAttributeValue()).getAllExtensions()) {
+ if (c instanceof SubjectAlternativeNameExtension) {
+
+ SubjectAlternativeNameExtension san = (SubjectAlternativeNameExtension) c;
+ GeneralNames obj = san.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
+ for (int i = 0; i < obj.size(); i++) {
+ GeneralName generalName = obj.get(i);
+ GeneralNameInterface peeled = generalName.getName();
+ if (peeled instanceof DNSName) {
+ SANs.add(new SubjectAlternateName(SANType.DNS, ((DNSName) peeled).getName()));
+ } else if (peeled instanceof RFC822Name) {
+ SANs.add(new SubjectAlternateName(SANType.EMAIL, ((RFC822Name) peeled).getName()));
+ }
+ }
+ } else if (c instanceof ExtendedKeyUsageExtension) {
+ ExtendedKeyUsageExtension ekue = (ExtendedKeyUsageExtension) c;
+ for (String s : ekue.getExtendedKeyUsage()) {
+ if (s.equals("1.3.6.1.5.5.7.3.1")) {
+ // server
+ } else if (s.equals("1.3.6.1.5.5.7.3.2")) {
+ // client
+ } else if (s.equals("1.3.6.1.5.5.7.3.3")) {
+ // code sign
+ } else if (s.equals("1.3.6.1.5.5.7.3.4")) {
+ // emailProtection
+ } else if (s.equals("1.3.6.1.5.5.7.3.8")) {
+ // timestamp
+ } else if (s.equals("1.3.6.1.5.5.7.3.9")) {
+ // OCSP
+ }
+ }
+ } else {
+ // Unknown requested extension
+ }
+ }
+
+ }