1 /*
2 * Copyright (c) 1997, 2000, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.x509;
27
28 import java.io.IOException;
29
30 import sun.security.util.*;
31
32 /**
33 * This class implements the DNSName as required by the GeneralNames
34 * ASN.1 object.
35 * <p>
36 * [RFC2459] When the subjectAltName extension contains a domain name service
37 * label, the domain name MUST be stored in the dNSName (an IA5String).
38 * The name MUST be in the "preferred name syntax," as specified by RFC
39 * 1034 [RFC 1034]. Note that while upper and lower case letters are
40 * allowed in domain names, no signifigance is attached to the case. In
41 * addition, while the string " " is a legal domain name, subjectAltName
42 * extensions with a dNSName " " are not permitted. Finally, the use of
43 * the DNS representation for Internet mail addresses (wpolk.nist.gov
44 * instead of wpolk@nist.gov) is not permitted; such identities are to
45 * be encoded as rfc822Name.
46 * <p>
47 * @author Amit Kapoor
48 * @author Hemma Prafullchandra
181 * satisfies the name constraint. For example, www.foo.bar.com would
182 * satisfy the constraint but foo1.bar.com would not.
183 * <p>
184 * RFC1034: By convention, domain names can be stored with arbitrary case, but
185 * domain name comparisons for all present domain functions are done in a
186 * case-insensitive manner, assuming an ASCII character set, and a high
187 * order zero bit.
188 * <p>
189 * @param inputName to be checked for being constrained
190 * @returns constraint type above
191 * @throws UnsupportedOperationException if name is not exact match, but narrowing and widening are
192 * not supported for this name type.
193 */
194 public int constrains(GeneralNameInterface inputName) throws UnsupportedOperationException {
195 int constraintType;
196 if (inputName == null)
197 constraintType = NAME_DIFF_TYPE;
198 else if (inputName.getType() != NAME_DNS)
199 constraintType = NAME_DIFF_TYPE;
200 else {
201 String inName = (((DNSName)inputName).getName()).toLowerCase();
202 String thisName = name.toLowerCase();
203 if (inName.equals(thisName))
204 constraintType = NAME_MATCH;
205 else if (thisName.endsWith(inName)) {
206 int inNdx = thisName.lastIndexOf(inName);
207 if (thisName.charAt(inNdx-1) == '.' )
208 constraintType = NAME_WIDENS;
209 else
210 constraintType = NAME_SAME_TYPE;
211 } else if (inName.endsWith(thisName)) {
212 int ndx = inName.lastIndexOf(thisName);
213 if (inName.charAt(ndx-1) == '.' )
214 constraintType = NAME_NARROWS;
215 else
216 constraintType = NAME_SAME_TYPE;
217 } else {
218 constraintType = NAME_SAME_TYPE;
219 }
220 }
221 return constraintType;
222 }
223
224 /**
225 * Return subtree depth of this name for purposes of determining
226 * NameConstraints minimum and maximum bounds and for calculating
227 * path lengths in name subtrees.
228 *
229 * @returns distance of name from root
230 * @throws UnsupportedOperationException if not supported for this name type
231 */
232 public int subtreeDepth() throws UnsupportedOperationException {
233 String subtree=name;
234 int i=1;
235
236 /* count dots */
237 for (; subtree.lastIndexOf('.') >= 0; i++) {
238 subtree=subtree.substring(0,subtree.lastIndexOf('.'));
239 }
240
241 return i;
242 }
243
244 }
| 1 /*
2 * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.x509;
27
28 import java.io.IOException;
29 import java.util.Locale;
30
31 import sun.security.util.*;
32
33 /**
34 * This class implements the DNSName as required by the GeneralNames
35 * ASN.1 object.
36 * <p>
37 * [RFC2459] When the subjectAltName extension contains a domain name service
38 * label, the domain name MUST be stored in the dNSName (an IA5String).
39 * The name MUST be in the "preferred name syntax," as specified by RFC
40 * 1034 [RFC 1034]. Note that while upper and lower case letters are
41 * allowed in domain names, no signifigance is attached to the case. In
42 * addition, while the string " " is a legal domain name, subjectAltName
43 * extensions with a dNSName " " are not permitted. Finally, the use of
44 * the DNS representation for Internet mail addresses (wpolk.nist.gov
45 * instead of wpolk@nist.gov) is not permitted; such identities are to
46 * be encoded as rfc822Name.
47 * <p>
48 * @author Amit Kapoor
49 * @author Hemma Prafullchandra
182 * satisfies the name constraint. For example, www.foo.bar.com would
183 * satisfy the constraint but foo1.bar.com would not.
184 * <p>
185 * RFC1034: By convention, domain names can be stored with arbitrary case, but
186 * domain name comparisons for all present domain functions are done in a
187 * case-insensitive manner, assuming an ASCII character set, and a high
188 * order zero bit.
189 * <p>
190 * @param inputName to be checked for being constrained
191 * @returns constraint type above
192 * @throws UnsupportedOperationException if name is not exact match, but narrowing and widening are
193 * not supported for this name type.
194 */
195 public int constrains(GeneralNameInterface inputName) throws UnsupportedOperationException {
196 int constraintType;
197 if (inputName == null)
198 constraintType = NAME_DIFF_TYPE;
199 else if (inputName.getType() != NAME_DNS)
200 constraintType = NAME_DIFF_TYPE;
201 else {
202 String inName =
203 (((DNSName)inputName).getName()).toLowerCase(Locale.ENGLISH);
204 String thisName = name.toLowerCase(Locale.ENGLISH);
205 if (inName.equals(thisName))
206 constraintType = NAME_MATCH;
207 else if (thisName.endsWith(inName)) {
208 int inNdx = thisName.lastIndexOf(inName);
209 if (thisName.charAt(inNdx-1) == '.' )
210 constraintType = NAME_WIDENS;
211 else
212 constraintType = NAME_SAME_TYPE;
213 } else if (inName.endsWith(thisName)) {
214 int ndx = inName.lastIndexOf(thisName);
215 if (inName.charAt(ndx-1) == '.' )
216 constraintType = NAME_NARROWS;
217 else
218 constraintType = NAME_SAME_TYPE;
219 } else {
220 constraintType = NAME_SAME_TYPE;
221 }
222 }
223 return constraintType;
224 }
225
226 /**
227 * Return subtree depth of this name for purposes of determining
228 * NameConstraints minimum and maximum bounds and for calculating
229 * path lengths in name subtrees.
230 *
231 * @returns distance of name from root
232 * @throws UnsupportedOperationException if not supported for this name type
233 */
234 public int subtreeDepth() throws UnsupportedOperationException {
235 // subtree depth is always at least 1
236 int sum = 1;
237
238 // count dots
239 for (int i = name.indexOf('.'); i >= 0; i = name.indexOf('.', i + 1)) {
240 ++sum;
241 }
242
243 return sum;
244 }
245
246 }
|