1 /* 2 * Copyright (C) 2019 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.net.ipsec.ike; 18 19 import android.annotation.NonNull; 20 import android.annotation.SystemApi; 21 22 import com.android.internal.net.ipsec.ike.exceptions.AuthenticationFailedException; 23 24 import java.net.Inet6Address; 25 import java.net.UnknownHostException; 26 import java.security.cert.X509Certificate; 27 import java.util.Objects; 28 29 /** 30 * IkeIpv6AddrIdentification represents an IKE entity identification based on IPv6 address. 31 * 32 * @hide 33 */ 34 @SystemApi 35 public class IkeIpv6AddrIdentification extends IkeIdentification { 36 /** The IPv6 Address. */ 37 @NonNull public final Inet6Address ipv6Address; 38 39 /** 40 * Construct an instance of IkeIpv6AddrIdentification from a decoded inbound packet. 41 * 42 * @param ipv6AddrBytes IPv6 address in byte array. 43 * @throws AuthenticationFailedException for decoding bytes error. 44 * @hide 45 */ IkeIpv6AddrIdentification(byte[] ipv6AddrBytes)46 public IkeIpv6AddrIdentification(byte[] ipv6AddrBytes) throws AuthenticationFailedException { 47 super(ID_TYPE_IPV6_ADDR); 48 try { 49 ipv6Address = (Inet6Address) (Inet6Address.getByAddress(ipv6AddrBytes)); 50 } catch (ClassCastException | UnknownHostException e) { 51 throw new AuthenticationFailedException(e); 52 } 53 } 54 55 /** 56 * Construct an instance of {@link IkeIpv6AddrIdentification} with a IPv6 address. 57 * 58 * @param address the IPv6 address. 59 */ IkeIpv6AddrIdentification(@onNull Inet6Address address)60 public IkeIpv6AddrIdentification(@NonNull Inet6Address address) { 61 super(ID_TYPE_IPV6_ADDR); 62 ipv6Address = address; 63 } 64 65 /** @hide */ 66 @Override hashCode()67 public int hashCode() { 68 // idType is also hashed to prevent collisions with other IkeAuthentication subtypes 69 return Objects.hash(idType, ipv6Address); 70 } 71 72 /** @hide */ 73 @Override equals(Object o)74 public boolean equals(Object o) { 75 if (!(o instanceof IkeIpv6AddrIdentification)) return false; 76 77 // idType already verified based on class type; no need to check again. 78 return ipv6Address.equals(((IkeIpv6AddrIdentification) o).ipv6Address); 79 } 80 81 /** @hide */ 82 @Override getIdTypeString()83 public String getIdTypeString() { 84 return "IPv6 Address"; 85 } 86 87 /** @hide */ 88 @Override validateEndCertIdOrThrow(X509Certificate endCert)89 public void validateEndCertIdOrThrow(X509Certificate endCert) 90 throws AuthenticationFailedException { 91 // The corresponding SAN type is IP Address as per RFC 7296 92 validateEndCertSanOrThrow(endCert, SAN_TYPE_IP_ADDRESS, ipv6Address.getHostAddress()); 93 } 94 95 /** 96 * Retrieve the byte-representation of the IPv6 address. 97 * 98 * @return the byte-representation of the IPv6 address. 99 * @hide 100 */ 101 @Override getEncodedIdData()102 public byte[] getEncodedIdData() { 103 return ipv6Address.getAddress(); 104 } 105 } 106