2362N/A * Copyright (c) 1997, 2004, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * This class implements the URIName as required by the GeneralNames 0N/A * [RFC3280] When the subjectAltName extension contains a URI, the name MUST be 0N/A * stored in the uniformResourceIdentifier (an IA5String). The name MUST 0N/A * be a non-relative URL, and MUST follow the URL syntax and encoding 0N/A * rules specified in [RFC 1738]. The name must include both a scheme 0N/A * (e.g., "http" or "ftp") and a scheme-specific-part. The scheme- 0N/A * specific-part must include a fully qualified domain name or IP 0N/A * address as the host. 0N/A * As specified in [RFC 1738], the scheme name is not case-sensitive 0N/A * (e.g., "http" is equivalent to "HTTP"). The host part is also not 0N/A * case-sensitive, but other components of the scheme-specific-part may 0N/A * be case-sensitive. When comparing URIs, conforming implementations 0N/A * MUST compare the scheme and host without regard to case, but assume 0N/A * the remainder of the scheme-specific-part is case sensitive. 0N/A * [RFC1738] In general, URLs are written as follows: 0N/A * <scheme>:<scheme-specific-part> 0N/A * A URL contains the name of the scheme being used (<scheme>) followed 0N/A * by a colon and then a string (the <scheme-specific-part>) whose 0N/A * interpretation depends on the scheme. 0N/A * While the syntax for the rest of the URL may vary depending on the 0N/A * particular scheme selected, URL schemes that involve the direct use 0N/A * of an IP-based protocol to a specified host on the Internet use a 0N/A * common syntax for the scheme-specific data: 0N/A * //<user>:<password>@<host>:<port>/<url-path> 0N/A * [RFC2732] specifies that an IPv6 address contained inside a URL 0N/A * must be enclosed in square brackets (to allow distinguishing the 0N/A * colons that separate IPv6 components from the colons that separate 0N/A * scheme-specific data. 0N/A * @author Amit Kapoor 0N/A * @author Hemma Prafullchandra 0N/A * @author Sean Mullan 0N/A * @author Steve Hanna 0N/A * @see GeneralNameInterface 0N/A // private attributes 0N/A * Create the URIName object from the passed encoded Der value. 0N/A * @param derValue the encoded DER URIName. 0N/A * @exception IOException on error. 0N/A * Create the URIName object with the specified name. 0N/A * @param name the URIName. 0N/A * @throws IOException if name is not a proper URIName 0N/A // RFC 3280 says that the host should be non-null, but we allow it to 0N/A // be null because some widely deployed certificates contain CDP 0N/A // extensions with URIs that have no hostname (see bugs 4802236 and 0N/A // Verify host is a valid IPv6 address name 0N/A "portion is not a valid IPv6 address):" +
name);
0N/A // Not a valid DNS Name; see if it is a valid IPv4 0N/A "portion is not a valid DNS name, IPv4 address," +
0N/A * Create the URIName object with the specified name constraint. URI 0N/A * name constraints syntax is different than SubjectAltNames, etc. See 0N/A * 4.2.1.11 of RFC 3280. 0N/A * @param value the URI name constraint 0N/A * @throws IOException if name is not a proper URI name constraint 0N/A * Return the type of the GeneralName. 0N/A * Encode the URI name into the DerOutputStream. 0N/A * @param out the DER stream to encode the URIName to. 0N/A * @exception IOException on encoding errors. 0N/A * Convert the name into user readable string. 0N/A * Compares this name with another, for equality. 0N/A * @return true iff the names are equivalent according to RFC2459. 0N/A * Returns the URIName as a java.net.URI object 0N/A * Returns this URI name. 0N/A * Return the scheme name portion of a URIName 0N/A * @returns scheme portion of full name 0N/A * Return the host name or IP address portion of the URIName 0N/A * @returns host name or IP address portion of full name 0N/A * Return the host object type; if host name is a 0N/A * DNSName, then this host object does not include any 0N/A * initial "." on the name. 0N/A * @returns host name as DNSName or IPAddressName 0N/A * Returns the hash code value for this object. 0N/A * @return a hash code value for this object. 0N/A * Return type of constraint inputName places on this name:<ul> 0N/A * <li>NAME_DIFF_TYPE = -1: input name is different type from name 0N/A * (i.e. does not constrain). 0N/A * <li>NAME_MATCH = 0: input name matches name. 0N/A * <li>NAME_NARROWS = 1: input name narrows name (is lower in the naming 0N/A * <li>NAME_WIDENS = 2: input name widens name (is higher in the naming 0N/A * <li>NAME_SAME_TYPE = 3: input name does not match or narrow name, but 0N/A * These results are used in checking NameConstraints during 0N/A * certification path verification. 0N/A * RFC3280: For URIs, the constraint applies to the host part of the name. 0N/A * The constraint may specify a host or a domain. Examples would be 0N/A * "foo.bar.com"; and ".xyz.com". When the the constraint begins with 0N/A * a period, it may be expanded with one or more subdomains. That is, 0N/A * the constraint ".xyz.com" is satisfied by both abc.xyz.com and 0N/A * abc.def.xyz.com. However, the constraint ".xyz.com" is not satisfied 0N/A * by "xyz.com". When the constraint does not begin with a period, it 0N/A * @param inputName to be checked for being constrained 0N/A * @returns constraint type above 0N/A * @throws UnsupportedOperationException if name is not exact match, but 0N/A * narrowing and widening are not supported for this name type. 0N/A // Assuming from here on that one or both of these is 0N/A // actually a URI name constraint (not a URI), so we 0N/A // only need to compare the host portion of the name 0N/A // Quick check for equality 0N/A // If one (or both) is an IP address, only same type 0N/A // Both host portions are DNS names. Are they domains? 0N/A // Run DNSName.constrains. 0N/A // If neither one is a domain, then they can't 0N/A // widen or narrow. That's just SAME_TYPE. 0N/A // If one is a domain and the other isn't, 0N/A // then they can't match. The one that's a 0N/A // domain doesn't include the one that's 0N/A * Return subtree depth of this name for purposes of determining 0N/A * NameConstraints minimum and maximum bounds and for calculating 0N/A * path lengths in name subtrees. 0N/A * @returns distance of name from root 0N/A * @throws UnsupportedOperationException if not supported for this name type