authorFraser Tweedale <ftweedal@redhat.com>2017-02-01 16:30:50 +1000
committerFraser Tweedale <ftweedal@redhat.com>2017-02-08 12:24:00 +1000
commit979b6a2da433e97c1ada6434b432aa4aabc47ab5 (patch)
tree63795eb61d128b2cb1fd7b7812f55ad46cf8dc8c /base/util
parenta67816eebbed2332327fbf391f3e23223ee7690e (diff)
X500Name: add method to get all attributes of a given type
To implement a profile default that copies the CN to a SAN dNSName, we need to examine the CN values present in the Subject DN. Specifically, we want to look at the "most specific" CN value. The 'getCommonName' method returns the "least specific" value in the name, thus is not suitable. Add the 'getAttributesForOid(ObjectIdentifier)' method, which returns an ordered list of values of the given name attribute type, from least specific to most specific. Part of: https://fedorahosted.org/pki/ticket/1710
Diffstat (limited to 'base/util')
-rw-r--r--base/util/src/netscape/security/x509/X500Name.java21
1 files changed, 21 insertions, 0 deletions
diff --git a/base/util/src/netscape/security/x509/X500Name.java b/base/util/src/netscape/security/x509/X500Name.java
index 0f75f481c..c8627a93c 100644
--- a/base/util/src/netscape/security/x509/X500Name.java
+++ b/base/util/src/netscape/security/x509/X500Name.java
@@ -19,8 +19,10 @@ package netscape.security.x509;
import java.io.IOException;
import java.security.Principal;
+import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
+import java.util.List;
import java.util.Vector;
import netscape.security.util.DerInputStream;
@@ -451,6 +453,25 @@ public class X500Name implements Principal, GeneralNameInterface {
}
/**
+ * Return a list of attributes of the given type.
+ *
+ * The "most specific" value comes last.
+ *
+ * If there are no name attributes of the given type, an empty
+ * list is returned.
+ */
+ public List<String> getAttributesForOid(ObjectIdentifier oid)
+ throws IOException {
+ List<String> xs = new ArrayList<>();
+ for (int i = 0; i < names.length; i++) {
+ DerValue v = names[i].findAttribute(oid);
+ if (v != null)
+ xs.add(getString(v));
+ }
+ return xs;
+ }
+
+ /**
* Returns a Ldap DN String from the X500Name
* using the specified LdapDNStrconverter.
* For example, RFC1779String converter can be passed to convert the
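Review bot: The loop in `getAttributesForOid` adds at most one value per element of `names` (presumably one RDN each), because it calls `names[i].findAttribute(oid)` once and keeps a single `DerValue`. If `findAttribute` returns only the first matching attribute (its body is outside this hunk), a multi-valued RDN such as `CN=a+CN=b` contributes one value and the other is silently skipped. The commit message says the result feeds a CN-to-SAN dNSName default, so the Javadoc should state this limit and that the strings are not validated, e.g. `* Only the first matching attribute of a multi-valued RDN is returned; values are decoded but not validated, so callers must check them before using one as a dNSName.` The Javadoc also says "list of attributes" where the method returns their string values. It lacks `@param oid`, `@return` and `@throws IOException`, which is presumably raised by `getString` on an undecodable value and would then abort the whole list.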