1 /*
2  * Copyright (C) 2019 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.net.ipsec.ike;
18 
19 import android.annotation.NonNull;
20 import android.annotation.SystemApi;
21 
22 import com.android.internal.net.ipsec.ike.exceptions.AuthenticationFailedException;
23 
24 import java.net.Inet6Address;
25 import java.net.UnknownHostException;
26 import java.security.cert.X509Certificate;
27 import java.util.Objects;
28 
29 /**
30  * IkeIpv6AddrIdentification represents an IKE entity identification based on IPv6 address.
31  *
32  * @hide
33  */
34 @SystemApi
35 public class IkeIpv6AddrIdentification extends IkeIdentification {
36     /** The IPv6 Address. */
37     @NonNull public final Inet6Address ipv6Address;
38 
39     /**
40      * Construct an instance of IkeIpv6AddrIdentification from a decoded inbound packet.
41      *
42      * @param ipv6AddrBytes IPv6 address in byte array.
43      * @throws AuthenticationFailedException for decoding bytes error.
44      * @hide
45      */
IkeIpv6AddrIdentification(byte[] ipv6AddrBytes)46     public IkeIpv6AddrIdentification(byte[] ipv6AddrBytes) throws AuthenticationFailedException {
47         super(ID_TYPE_IPV6_ADDR);
48         try {
49             ipv6Address = (Inet6Address) (Inet6Address.getByAddress(ipv6AddrBytes));
50         } catch (ClassCastException | UnknownHostException e) {
51             throw new AuthenticationFailedException(e);
52         }
53     }
54 
55     /**
56      * Construct an instance of {@link IkeIpv6AddrIdentification} with a IPv6 address.
57      *
58      * @param address the IPv6 address.
59      */
IkeIpv6AddrIdentification(@onNull Inet6Address address)60     public IkeIpv6AddrIdentification(@NonNull Inet6Address address) {
61         super(ID_TYPE_IPV6_ADDR);
62         ipv6Address = address;
63     }
64 
65     /** @hide */
66     @Override
hashCode()67     public int hashCode() {
68         // idType is also hashed to prevent collisions with other IkeAuthentication subtypes
69         return Objects.hash(idType, ipv6Address);
70     }
71 
72     /** @hide */
73     @Override
equals(Object o)74     public boolean equals(Object o) {
75         if (!(o instanceof IkeIpv6AddrIdentification)) return false;
76 
77         // idType already verified based on class type; no need to check again.
78         return ipv6Address.equals(((IkeIpv6AddrIdentification) o).ipv6Address);
79     }
80 
81     /** @hide */
82     @Override
getIdTypeString()83     public String getIdTypeString() {
84         return "IPv6 Address";
85     }
86 
87     /** @hide */
88     @Override
validateEndCertIdOrThrow(X509Certificate endCert)89     public void validateEndCertIdOrThrow(X509Certificate endCert)
90             throws AuthenticationFailedException {
91         // The corresponding SAN type is IP Address as per RFC 7296
92         validateEndCertSanOrThrow(endCert, SAN_TYPE_IP_ADDRESS, ipv6Address.getHostAddress());
93     }
94 
95     /**
96      * Retrieve the byte-representation of the IPv6 address.
97      *
98      * @return the byte-representation of the IPv6 address.
99      * @hide
100      */
101     @Override
getEncodedIdData()102     public byte[] getEncodedIdData() {
103         return ipv6Address.getAddress();
104     }
105 }
106