1 // Copyright 2023 The Chromium Authors
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #include "ip_util.h"
16 
17 BSSL_NAMESPACE_BEGIN
18 
IsValidNetmask(der::Input mask)19 bool IsValidNetmask(der::Input mask) {
20   if (mask.size() != kIPv4AddressSize && mask.size() != kIPv6AddressSize) {
21     return false;
22   }
23 
24   for (size_t i = 0; i < mask.size(); i++) {
25     uint8_t b = mask[i];
26     if (b != 0xff) {
27       // b must be all ones followed by all zeros, so ~b must be all zeros
28       // followed by all ones.
29       uint8_t inv = ~b;
30       if ((inv & (inv + 1)) != 0) {
31         return false;
32       }
33       // The remaining bytes must be all zeros.
34       for (size_t j = i + 1; j < mask.size(); j++) {
35         if (mask[j] != 0) {
36           return false;
37         }
38       }
39       return true;
40     }
41   }
42 
43   return true;
44 }
45 
IPAddressMatchesWithNetmask(der::Input addr1,der::Input addr2,der::Input mask)46 bool IPAddressMatchesWithNetmask(der::Input addr1, der::Input addr2,
47                                  der::Input mask) {
48   if (addr1.size() != addr2.size() || addr1.size() != mask.size()) {
49     return false;
50   }
51   for (size_t i = 0; i < addr1.size(); i++) {
52     if ((addr1[i] & mask[i]) != (addr2[i] & mask[i])) {
53       return false;
54     }
55   }
56   return true;
57 }
58 
59 BSSL_NAMESPACE_END
60