2 * Licensed to the University Corporation for Advanced Internet Development,
3 * Inc. (UCAID) under one or more contributor license agreements. See the
4 * NOTICE file distributed with this work for additional information regarding
5 * copyright ownership. The UCAID licenses this file to You under the Apache
6 * License, Version 2.0 (the "License"); you may not use this file except in
7 * compliance with the License. You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 package edu.internet2.middleware.shibboleth.idp.util;
20 import java.net.InetAddress;
21 import java.net.UnknownHostException;
22 import java.util.BitSet;
24 import org.opensaml.xml.util.DatatypeHelper;
26 /** Represents a range of IP addresses. */
27 public class IPRange {
29 /** Number of bits within */
30 private int addressLength;
32 /** The IP network address for the range. */
33 private BitSet network;
35 /** The netmask for the range. */
41 * @param networkAddress the network address for the range
42 * @param maskSize the number of bits in the netmask
44 public IPRange(InetAddress networkAddress, int maskSize) {
45 this(networkAddress.getAddress(), maskSize);
51 * @param networkAddress the network address for the range
52 * @param maskSize the number of bits in the netmask
54 public IPRange(byte[] networkAddress, int maskSize) {
55 addressLength = networkAddress.length * 8;
56 if (addressLength != 32 && addressLength != 128) {
57 throw new IllegalArgumentException("Network address was neither an IPv4 or IPv6 address");
60 network = toBitSet(networkAddress);
61 mask = new BitSet(addressLength);
62 mask.set(addressLength - maskSize, addressLength, true);
66 * Parses a CIDR block definition in to an IP range.
68 * @param cidrBlock the CIDR block definition
70 * @return the resultant IP range
72 public static IPRange parseCIDRBlock(String cidrBlock){
73 String block = DatatypeHelper.safeTrimOrNullString(cidrBlock);
75 throw new IllegalArgumentException("CIDR block definition may not be null");
78 String[] blockParts = block.split("/");
80 InetAddress networkAddress = InetAddress.getByName(blockParts[0]);
81 int maskSize = Integer.parseInt(blockParts[1]);
82 return new IPRange(networkAddress, maskSize);
83 }catch(UnknownHostException e){
84 throw new IllegalArgumentException("Invalid IP address");
85 }catch(NumberFormatException e){
86 throw new IllegalArgumentException("Invalid netmask size");
91 * Determines whether the given address is contained in the IP range.
93 * @param address the address to check
95 * @return true if the address is in the range, false it not
97 public boolean contains(InetAddress address) {
98 return contains(address.getAddress());
102 * Determines whether the given address is contained in the IP range.
104 * @param address the address to check
106 * @return true if the address is in the range, false it not
108 public boolean contains(byte[] address) {
109 if (address.length * 8 != addressLength) {
113 BitSet addrNetwork = toBitSet(address);
114 addrNetwork.and(mask);
116 return addrNetwork.equals(network);
120 * Converts a byte array to a BitSet.
122 * The supplied byte array is assumed to have the most significant bit in element 0.
124 * @param bytes the byte array with most significant bit in element 0.
128 protected BitSet toBitSet(byte[] bytes) {
129 BitSet bits = new BitSet(bytes.length * 8);
131 for (int i = 0; i < bytes.length * 8; i++) {
132 if ((bytes[bytes.length - i / 8 - 1] & (1 << (i % 8))) > 0) {
projects / java-idp.git / blob