2362N/A * Copyright (c) 1997, 2002, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * This class implements the IPAddressName as required by the GeneralNames 0N/A * ASN.1 object. Both IPv4 and IPv6 addresses are supported using the 0N/A * formats specified in IETF PKIX RFC2459. 0N/A * [RFC2459 4.2.1.7 Subject Alternative Name] 0N/A * When the subjectAltName extension contains a iPAddress, the address 0N/A * MUST be stored in the octet string in "network byte order," as 0N/A * specified in RFC 791. The least significant bit (LSB) of 0N/A * each octet is the LSB of the corresponding byte in the network 0N/A * address. For IP Version 4, as specified in RFC 791, the octet string 0N/A * MUST contain exactly four octets. For IP Version 6, as specified in 0N/A * RFC 1883, the octet string MUST contain exactly sixteen octets. 0N/A * [RFC2459 4.2.1.11 Name Constraints] 0N/A * The syntax of iPAddress MUST be as described in section 4.2.1.7 with 0N/A * the following additions specifically for Name Constraints. For IPv4 0N/A * addresses, the ipAddress field of generalName MUST contain eight (8) 0N/A * octets, encoded in the style of RFC 1519 (CIDR) to represent an 0N/A * address range.[RFC 1519] For IPv6 addresses, the ipAddress field 0N/A * MUST contain 32 octets similarly encoded. For example, a name 0N/A * constraint for "class C" subnet 10.9.8.0 shall be represented as the 0N/A * octets 0A 09 08 00 FF FF FF 00, representing the CIDR notation 0N/A * 10.9.8.0/255.255.255.0. 0N/A * @see GeneralNameInterface 0N/A * @author Amit Kapoor 0N/A * @author Hemma Prafullchandra 0N/A * Create the IPAddressName object from the passed encoded Der value. 0N/A * @params derValue the encoded DER IPAddressName. 0N/A * @exception IOException on error. 0N/A * Create the IPAddressName object with the specified octets. 0N/A * @params address the IP address 0N/A * @throws IOException if address is not a valid IPv4 or IPv6 address 0N/A * A valid address must consist of 4 bytes of address and 0N/A * optional 4 bytes of 4 bytes of mask, or 16 bytes of address 0N/A * and optional 16 bytes of mask. 0N/A * Create an IPAddressName from a String. 0N/A * [IETF RFC1338 Supernetting & IETF RFC1519 Classless Inter-Domain 0N/A * Routing (CIDR)] For IPv4 addresses, the forms are 0N/A * byte values 0-255 and m1 - m4 are decimal mask values 0N/A * [IETF RFC2373 IP Version 6 Addressing Architecture] 0N/A * For IPv6 addresses, the forms are "a1:a2:...:a8" or "a1:a2:...:a8/n", 0N/A * where a1-a8 are hexadecimal values representing the eight 16-bit pieces 0N/A * of the address. If /n is used, n is a decimal number indicating how many 0N/A * of the leftmost contiguous bits of the address comprise the prefix for 0N/A * this subnet. Internally, a mask value is created using the prefix length. 0N/A * @param name String form of IPAddressName 0N/A * @throws IOException if name can not be converted to a valid IPv4 or IPv6 0N/A // name is IPv6: uses colons as value separators 0N/A // Parse name into byte-value address components and optional 0N/A //name is IPv4: uses dots as value separators 0N/A * Parse an IPv4 address. 0N/A * @param name IPv4 address with optional mask values 0N/A * @throws IOException on error 0N/A // Parse name into byte-value address components 0N/A // parse base address 0N/A * Parse an IPv6 address. 0N/A * @param name String IPv6 address with optional /<prefix length> 0N/A * If /<prefix length> is present, address[] array will 0N/A * be 32 bytes long, otherwise 16. 0N/A * @throws IOException on error 0N/A // append a mask corresponding to the num of prefix bits specified 0N/A // create new bit array initialized to zeros 0N/A // set all most significant bits up to prefix length 0N/A // copy mask bytes into mask portion of address 0N/A * Return the type of the GeneralName. 0N/A * Encode the IPAddress name into the DerOutputStream. 0N/A * @params out the DER stream to encode the IPAddressName to. 0N/A * @exception IOException on encoding errors. 0N/A * Return a printable string of IPaddress 0N/A // dump out hex rep for debugging purposes 0N/A * Return a standard String representation of IPAddress. 0N/A * See IPAddressName(String) for the formats used for IPv4 0N/A * and IPv6 addresses. 0N/A * @throws IOException if the IPAddress cannot be converted to a String 0N/A //IPv4 address or subdomain 0N/A //IPv6 address or subdomain 0N/A // IPv6 subdomain: display prefix length 0N/A // copy subdomain into new array and convert to BitArray 0N/A for (
int i=
16; i <
32; i++)
0N/A // Find first zero bit 0N/A for (; i <
16*
8; i++) {
0N/A // Verify remaining bits 0 0N/A for (; i <
16*
8; i++) {
0N/A "bit " + i +
" not contiguous");
0N/A * Returns this IPAddress name as a byte array. 0N/A * Compares this name with another, for equality. 0N/A * @return true iff the names are identical. 0N/A // Two subnet addresses 0N/A // Mask each and compare masked values 0N/A // Now compare masks 0N/A // Two IPv4 host addresses or two IPv6 host addresses 0N/A * Returns the hash code value for this object. 0N/A * @return a hash code value for this object. 0N/A * Return type of constraint inputName places on this name:<ul> 0N/A * <li>NAME_DIFF_TYPE = -1: input name is different type from name 0N/A * (i.e. does not constrain). 0N/A * <li>NAME_MATCH = 0: input name matches name. 0N/A * <li>NAME_NARROWS = 1: input name narrows name (is lower in the naming 0N/A * <li>NAME_WIDENS = 2: input name widens name (is higher in the naming 0N/A * <li>NAME_SAME_TYPE = 3: input name does not match or narrow name, but 0N/A * </ul>. These results are used in checking NameConstraints during 0N/A * certification path verification. 0N/A * [RFC2459] The syntax of iPAddress MUST be as described in section 0N/A * 4.2.1.7 with the following additions specifically for Name Constraints. 0N/A * For IPv4 addresses, the ipAddress field of generalName MUST contain 0N/A * eight (8) octets, encoded in the style of RFC 1519 (CIDR) to represent an 0N/A * address range.[RFC 1519] For IPv6 addresses, the ipAddress field 0N/A * MUST contain 32 octets similarly encoded. For example, a name 0N/A * constraint for "class C" subnet 10.9.8.0 shall be represented as the 0N/A * octets 0A 09 08 00 FF FF FF 00, representing the CIDR notation 0N/A * 10.9.8.0/255.255.255.0. 0N/A * @param inputName to be checked for being constrained 0N/A * @returns constraint type above 0N/A * @throws UnsupportedOperationException if name is not exact match, but 0N/A * narrowing and widening are not supported for this name type. 0N/A // Two host addresses 0N/A // Two subnet addresses 0N/A // See if one address fully encloses the other address 0N/A //Other is a subnet, this is a host address 0N/A // Mask this address by other address mask and compare to other address 0N/A // If all match, then this address is in other address subnet 0N/A //This is a subnet, other is a host address 0N/A // Mask other address by this address mask and compare to this address 0N/A * Return subtree depth of this name for purposes of determining 0N/A * NameConstraints minimum and maximum bounds and for calculating 0N/A * path lengths in name subtrees. 0N/A * @returns distance of name from root 0N/A * @throws UnsupportedOperationException if not supported for this name type 0N/A (
"subtreeDepth() not defined for IPAddressName");