1 /*
2  * Copyright (C) 2019 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.net.ipsec.ike;
18 
19 import android.annotation.NonNull;
20 import android.net.ipsec.ike.exceptions.AuthenticationFailedException;
21 import android.os.PersistableBundle;
22 
23 import java.nio.charset.Charset;
24 import java.security.cert.X509Certificate;
25 import java.util.Objects;
26 
27 /**
28  * IkeRfc822AddrIdentification represents an IKE entity identification based on a fully-qualified
29  * RFC 822 email address ID (e.g. ike@android.com).
30  */
31 public final class IkeRfc822AddrIdentification extends IkeIdentification {
32     private static final Charset UTF8 = Charset.forName("UTF-8");
33     private static final String RFC822_NAME_KEY = "rfc822Name";
34 
35     /** The fully-qualified RFC 822 email address. */
36     @NonNull public final String rfc822Name;
37 
38     /**
39      * Construct an instance of IkeRfc822AddrIdentification from a decoded inbound packet.
40      *
41      * @param rfc822NameBytes fully-qualified RFC 822 email address in byte array.
42      * @hide
43      */
IkeRfc822AddrIdentification(byte[] rfc822NameBytes)44     public IkeRfc822AddrIdentification(byte[] rfc822NameBytes) {
45         super(ID_TYPE_RFC822_ADDR);
46         rfc822Name = new String(rfc822NameBytes, UTF8);
47     }
48 
49     /**
50      * Construct an instance of {@link IkeRfc822AddrIdentification} with a fully-qualified RFC 822
51      * email address.
52      *
53      * @param rfc822Name the fully-qualified RFC 822 email address.
54      */
IkeRfc822AddrIdentification(@onNull String rfc822Name)55     public IkeRfc822AddrIdentification(@NonNull String rfc822Name) {
56         super(ID_TYPE_RFC822_ADDR);
57         this.rfc822Name = rfc822Name;
58     }
59 
60     /**
61      * Constructs this object by deserializing a PersistableBundle
62      *
63      * @hide
64      */
65     @NonNull
fromPersistableBundle(@onNull PersistableBundle in)66     public static IkeRfc822AddrIdentification fromPersistableBundle(@NonNull PersistableBundle in) {
67         Objects.requireNonNull(in, "PersistableBundle is null");
68 
69         return new IkeRfc822AddrIdentification(in.getString(RFC822_NAME_KEY));
70     }
71     /**
72      * Serializes this object to a PersistableBundle
73      *
74      * @hide
75      */
76     @Override
77     @NonNull
toPersistableBundle()78     public PersistableBundle toPersistableBundle() {
79         final PersistableBundle result = super.toPersistableBundle();
80         result.putString(RFC822_NAME_KEY, rfc822Name);
81         return result;
82     }
83 
84     /** @hide */
85     @Override
hashCode()86     public int hashCode() {
87         // idType is also hashed to prevent collisions with other IkeAuthentication subtypes
88         return Objects.hash(idType, rfc822Name);
89     }
90 
91     /** @hide */
92     @Override
equals(Object o)93     public boolean equals(Object o) {
94         if (!(o instanceof IkeRfc822AddrIdentification)) return false;
95 
96         // idType already verified based on class type; no need to check again.
97         return rfc822Name.equals(((IkeRfc822AddrIdentification) o).rfc822Name);
98     }
99 
100     /** @hide */
101     @Override
getIdTypeString()102     public String getIdTypeString() {
103         return "RFC822 Address";
104     }
105 
106     /** @hide */
107     @Override
validateEndCertIdOrThrow(X509Certificate endCert)108     public void validateEndCertIdOrThrow(X509Certificate endCert)
109             throws AuthenticationFailedException {
110         // The corresponding SAN type is RFC822 Name as per RFC 7296
111         validateEndCertSanOrThrow(endCert, SAN_TYPE_RFC822_NAME, rfc822Name);
112     }
113 
114     /**
115      * Retrieve the byte-representation of the the RFC 822 email address.
116      *
117      * @return the byte-representation of the RFC 822 email address.
118      * @hide
119      */
120     @Override
getEncodedIdData()121     public byte[] getEncodedIdData() {
122         return rfc822Name.getBytes(UTF8);
123     }
124 }
125