1 /*
2  * Copyright (C) 2019 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.net.ipsec.ike;
18 
19 import android.annotation.NonNull;
20 import android.net.InetAddresses;
21 import android.net.ipsec.ike.exceptions.AuthenticationFailedException;
22 import android.os.PersistableBundle;
23 
24 import java.net.Inet4Address;
25 import java.net.UnknownHostException;
26 import java.security.cert.X509Certificate;
27 import java.util.Objects;
28 
29 /** IkeIpv4AddrIdentification represents an IKE entity identification based on IPv4 address. */
30 public final class IkeIpv4AddrIdentification extends IkeIdentification {
31     private static final String IP_ADDRESS_KEY = "ipv4Address";
32     /** The IPv4 address. */
33     @NonNull public final Inet4Address ipv4Address;
34 
35     /**
36      * Construct an instance of IkeIpv4AddrIdentification from a decoded inbound packet.
37      *
38      * @param ipv4AddrBytes IPv4 address in byte array.
39      * @throws AuthenticationFailedException for decoding bytes error.
40      * @hide
41      */
IkeIpv4AddrIdentification(byte[] ipv4AddrBytes)42     public IkeIpv4AddrIdentification(byte[] ipv4AddrBytes) throws AuthenticationFailedException {
43         super(ID_TYPE_IPV4_ADDR);
44         try {
45             ipv4Address = (Inet4Address) (Inet4Address.getByAddress(ipv4AddrBytes));
46         } catch (ClassCastException | UnknownHostException e) {
47             throw new AuthenticationFailedException(e);
48         }
49     }
50 
51     /**
52      * Construct an instance of {@link IkeIpv4AddrIdentification} with an IPv4 address.
53      *
54      * @param address the IPv4 address.
55      */
IkeIpv4AddrIdentification(@onNull Inet4Address address)56     public IkeIpv4AddrIdentification(@NonNull Inet4Address address) {
57         super(ID_TYPE_IPV4_ADDR);
58         ipv4Address = address;
59     }
60 
61     /**
62      * Constructs this object by deserializing a PersistableBundle
63      *
64      * @hide
65      */
66     @NonNull
fromPersistableBundle(@onNull PersistableBundle in)67     public static IkeIpv4AddrIdentification fromPersistableBundle(@NonNull PersistableBundle in) {
68         Objects.requireNonNull(in, "PersistableBundle is null");
69 
70         return new IkeIpv4AddrIdentification(
71                 (Inet4Address) InetAddresses.parseNumericAddress(in.getString(IP_ADDRESS_KEY)));
72     }
73     /**
74      * Serializes this object to a PersistableBundle
75      *
76      * @hide
77      */
78     @Override
79     @NonNull
toPersistableBundle()80     public PersistableBundle toPersistableBundle() {
81         final PersistableBundle result = super.toPersistableBundle();
82         result.putString(IP_ADDRESS_KEY, ipv4Address.getHostAddress());
83         return result;
84     }
85 
86     /** @hide */
87     @Override
hashCode()88     public int hashCode() {
89         // idType is also hashed to prevent collisions with other IkeAuthentication subtypes
90         return Objects.hash(idType, ipv4Address);
91     }
92 
93     /** @hide */
94     @Override
equals(Object o)95     public boolean equals(Object o) {
96         if (!(o instanceof IkeIpv4AddrIdentification)) return false;
97 
98         // idType already verified based on class type; no need to check again.
99         return ipv4Address.equals(((IkeIpv4AddrIdentification) o).ipv4Address);
100     }
101 
102     /** @hide */
103     @Override
getIdTypeString()104     public String getIdTypeString() {
105         return "IPv4 Address";
106     }
107 
108     /** @hide */
109     @Override
validateEndCertIdOrThrow(X509Certificate endCert)110     public void validateEndCertIdOrThrow(X509Certificate endCert)
111             throws AuthenticationFailedException {
112         // The corresponding SAN type is IP Address as per RFC 7296
113         validateEndCertSanOrThrow(endCert, SAN_TYPE_IP_ADDRESS, ipv4Address.getHostAddress());
114     }
115 
116     /**
117      * Retrieve the byte-representation of the IPv4 address.
118      *
119      * @return the byte-representation of the IPv4 address.
120      * @hide
121      */
122     @Override
getEncodedIdData()123     public byte[] getEncodedIdData() {
124         return ipv4Address.getAddress();
125     }
126 }
127