android: Add helper function to TrustedCertificateEntry to get subjectAltNames
[strongswan.git] / src / frontends / android / app / src / main / java / org / strongswan / android / security / TrustedCertificateEntry.java
index 143741f..5e9873d 100644 (file)
@@ -1,6 +1,6 @@
 /*
- * Copyright (C) 2012 Tobias Brunner
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2012-2016 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
 
 package org.strongswan.android.security;
 
-import java.security.cert.X509Certificate;
-
 import android.net.http.SslCertificate;
 
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+
 public class TrustedCertificateEntry implements Comparable<TrustedCertificateEntry>
 {
        private final X509Certificate mCert;
@@ -87,6 +92,40 @@ public class TrustedCertificateEntry implements Comparable<TrustedCertificateEnt
        }
 
        /**
+        * Get a sorted list of all rfc822Name, dnSName and iPAddress subjectAltNames
+        *
+        * @return sorted list of selected SANs
+        */
+       public List<String> getSubjectAltNames()
+       {
+               List<String> list = new ArrayList<>();
+               try
+               {
+                       Collection<List<?>> sans = mCert.getSubjectAlternativeNames();
+                       if (sans != null)
+                       {
+                               for (List<?> san : sans)
+                               {
+                                       switch ((Integer)san.get(0))
+                                       {
+                                               case 1: /* rfc822Name */
+                                               case 2: /* dnSName */
+                                               case 7: /* iPAddress */
+                                                       list.add((String)san.get(1));
+                                                       break;
+                                       }
+                               }
+                       }
+                       Collections.sort(list);
+               }
+               catch(CertificateParsingException ex)
+               {
+                       ex.printStackTrace();
+               }
+               return list;
+       }
+
+       /**
         * The alias associated with this certificate.
         *
         * @return KeyStore alias of this certificate