| java.lang.Object | |
| ↳ | sun.security.x509.IPAddressName |
Class Overview
This class implements the IPAddressName as required by the GeneralNames ASN.1 object. Both IPv4 and IPv6 addresses are supported using the formats specified in IETF PKIX RFC2459.
[RFC2459 4.2.1.7 Subject Alternative Name] When the subjectAltName extension contains a iPAddress, the address MUST be stored in the octet string in "network byte order," as specified in RFC 791. The least significant bit (LSB) of each octet is the LSB of the corresponding byte in the network address. For IP Version 4, as specified in RFC 791, the octet string MUST contain exactly four octets. For IP Version 6, as specified in RFC 1883, the octet string MUST contain exactly sixteen octets.
[RFC2459 4.2.1.11 Name Constraints] The syntax of iPAddress MUST be as described in section 4.2.1.7 with the following additions specifically for Name Constraints. For IPv4 addresses, the ipAddress field of generalName MUST contain eight (8) octets, encoded in the style of RFC 1519 (CIDR) to represent an address range.[RFC 1519] For IPv6 addresses, the ipAddress field MUST contain 32 octets similarly encoded. For example, a name constraint for "class C" subnet 10.9.8.0 shall be represented as the octets 0A 09 08 00 FF FF FF 00, representing the CIDR notation 10.9.8.0/255.255.255.0.
Summary
|
[Expand]
Inherited Constants | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
 From interface
sun.security.x509.GeneralNameInterface
| |||||||||||
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Create the IPAddressName object from the passed encoded Der value.
| |||||||||||
Create the IPAddressName object with the specified octets.
| |||||||||||
Create an IPAddressName from a String.
| |||||||||||
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Return type of constraint inputName places on this name:
| |||||||||||
Encode the IPAddress name into the DerOutputStream.
| |||||||||||
Compares this name with another, for equality.
| |||||||||||
Returns this IPAddress name as a byte array.
| |||||||||||
Return a standard String representation of IPAddress.
| |||||||||||
Return the type of the GeneralName.
| |||||||||||
Returns the hash code value for this object.
| |||||||||||
Return subtree depth of this name for purposes of determining
NameConstraints minimum and maximum bounds and for calculating
path lengths in name subtrees.
| |||||||||||
Return a printable string of IPaddress
| |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
From class
java.lang.Object
| |||||||||||
|
From interface
sun.security.x509.GeneralNameInterface
| |||||||||||
Public Constructors
public IPAddressName (DerValue derValue)
Create the IPAddressName object from the passed encoded Der value.
Throws
| IOException | on error. |
|---|
public IPAddressName (byte[] address)
Create the IPAddressName object with the specified octets.
Throws
| IOException | if address is not a valid IPv4 or IPv6 address |
|---|
public IPAddressName (String name)
Create an IPAddressName from a String. [IETF RFC1338 Supernetting & IETF RFC1519 Classless Inter-Domain Routing (CIDR)] For IPv4 addresses, the forms are "b1.b2.b3.b4" or "b1.b2.b3.b4/m1.m2.m3.m4", where b1 - b4 are decimal byte values 0-255 and m1 - m4 are decimal mask values 0 - 255.
[IETF RFC2373 IP Version 6 Addressing Architecture] For IPv6 addresses, the forms are "a1:a2:...:a8" or "a1:a2:...:a8/n", where a1-a8 are hexadecimal values representing the eight 16-bit pieces of the address. If /n is used, n is a decimal number indicating how many of the leftmost contiguous bits of the address comprise the prefix for this subnet. Internally, a mask value is created using the prefix length.
Parameters
| name | String form of IPAddressName |
|---|
Throws
| IOException | if name can not be converted to a valid IPv4 or IPv6 address |
|---|
Public Methods
public int constrains (GeneralNameInterface inputName)
Return type of constraint inputName places on this name:
- NAME_DIFF_TYPE = -1: input name is different type from name (i.e. does not constrain).
- NAME_MATCH = 0: input name matches name.
- NAME_NARROWS = 1: input name narrows name (is lower in the naming subtree)
- NAME_WIDENS = 2: input name widens name (is higher in the naming subtree)
- NAME_SAME_TYPE = 3: input name does not match or narrow name, but is same type.
[RFC2459] The syntax of iPAddress MUST be as described in section 4.2.1.7 with the following additions specifically for Name Constraints. For IPv4 addresses, the ipAddress field of generalName MUST contain eight (8) octets, encoded in the style of RFC 1519 (CIDR) to represent an address range.[RFC 1519] For IPv6 addresses, the ipAddress field MUST contain 32 octets similarly encoded. For example, a name constraint for "class C" subnet 10.9.8.0 shall be represented as the octets 0A 09 08 00 FF FF FF 00, representing the CIDR notation 10.9.8.0/255.255.255.0.
Parameters
| inputName | to be checked for being constrained |
|---|
Throws
| UnsupportedOperationException | if name is not exact match, but narrowing and widening are not supported for this name type. |
|---|
public void encode (DerOutputStream out)
Encode the IPAddress name into the DerOutputStream.
Parameters
| out | the DerOutputStream to encode the GeneralName to. |
|---|
Throws
| IOException | on encoding errors. |
|---|
public boolean equals (Object obj)
Compares this name with another, for equality.
Parameters
| obj | the reference object with which to compare. |
|---|
Returns
- true iff the names are identical.
public byte[] getBytes ()
Returns this IPAddress name as a byte array.
public String getName ()
Return a standard String representation of IPAddress. See IPAddressName(String) for the formats used for IPv4 and IPv6 addresses.
Throws
| IOException | if the IPAddress cannot be converted to a String |
|---|
public int getType ()
Return the type of the GeneralName.
public int hashCode ()
Returns the hash code value for this object.
Returns
- a hash code value for this object.
public int subtreeDepth ()
Return subtree depth of this name for purposes of determining NameConstraints minimum and maximum bounds and for calculating path lengths in name subtrees.
Throws
| UnsupportedOperationException | if not supported for this name type |
|---|
public String toString ()
Return a printable string of IPaddress
Returns
- a string representation of the object.