1 /*
2  * Copyright (C) 2019 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.net.ipsec.ike;
18 
19 import android.annotation.NonNull;
20 import android.annotation.SystemApi;
21 
22 import com.android.internal.net.ipsec.ike.exceptions.AuthenticationFailedException;
23 
24 import java.nio.charset.Charset;
25 import java.security.cert.X509Certificate;
26 import java.util.Objects;
27 
28 /**
29  * IkeRfc822AddrIdentification represents an IKE entity identification based on a fully-qualified
30  * RFC 822 email address ID (e.g. ike@android.com).
31  *
32  * @hide
33  */
34 @SystemApi
35 public final class IkeRfc822AddrIdentification extends IkeIdentification {
36     private static final Charset UTF8 = Charset.forName("UTF-8");
37 
38     /** The fully-qualified RFC 822 email addres. */
39     @NonNull public final String rfc822Name;
40 
41     /**
42      * Construct an instance of IkeRfc822AddrIdentification from a decoded inbound packet.
43      *
44      * @param rfc822NameBytes fully-qualified RFC 822 email address in byte array.
45      * @hide
46      */
IkeRfc822AddrIdentification(byte[] rfc822NameBytes)47     public IkeRfc822AddrIdentification(byte[] rfc822NameBytes) {
48         super(ID_TYPE_RFC822_ADDR);
49         rfc822Name = new String(rfc822NameBytes, UTF8);
50     }
51 
52     /**
53      * Construct an instance of {@link IkeRfc822AddrIdentification} with a fully-qualified RFC 822
54      * email address.
55      *
56      * @param rfc822Name the fully-qualified RFC 822 email address.
57      */
IkeRfc822AddrIdentification(@onNull String rfc822Name)58     public IkeRfc822AddrIdentification(@NonNull String rfc822Name) {
59         super(ID_TYPE_RFC822_ADDR);
60         this.rfc822Name = rfc822Name;
61     }
62 
63     /** @hide */
64     @Override
hashCode()65     public int hashCode() {
66         // idType is also hashed to prevent collisions with other IkeAuthentication subtypes
67         return Objects.hash(idType, rfc822Name);
68     }
69 
70     /** @hide */
71     @Override
equals(Object o)72     public boolean equals(Object o) {
73         if (!(o instanceof IkeRfc822AddrIdentification)) return false;
74 
75         // idType already verified based on class type; no need to check again.
76         return rfc822Name.equals(((IkeRfc822AddrIdentification) o).rfc822Name);
77     }
78 
79     /** @hide */
80     @Override
getIdTypeString()81     public String getIdTypeString() {
82         return "RFC822 Address";
83     }
84 
85     /** @hide */
86     @Override
validateEndCertIdOrThrow(X509Certificate endCert)87     public void validateEndCertIdOrThrow(X509Certificate endCert)
88             throws AuthenticationFailedException {
89         // The corresponding SAN type is RFC822 Name as per RFC 7296
90         validateEndCertSanOrThrow(endCert, SAN_TYPE_RFC822_NAME, rfc822Name);
91     }
92 
93     /**
94      * Retrieve the byte-representation of the the RFC 822 email address.
95      *
96      * @return the byte-representation of the RFC 822 email address.
97      * @hide
98      */
99     @Override
getEncodedIdData()100     public byte[] getEncodedIdData() {
101         return rfc822Name.getBytes(UTF8);
102     }
103 }
104