
Commit 127f4558 authored by Nathan Harold

IpSecManager and IpSecTransform API Cleanup

-Remove Int-based SPI usage from the IpSecTransform.Builder
 This is essentially a less-safe method overload, and it is both
 unnecessary and difficult to implement: the cross-validation
 between SPI and Transform is actually useful, and the kernel
 requires two different mechanisms to use an unreserved vs a
 reserved (alloc'd) SPI: CREATESA vs UPDATESA, which makes this
 hard to support. API Council has questioned the value of this,
 and they are right: everything points to "remove this". In the
 future, if we find that SPI reservation is overhead, we can
 always add it back.

-Hiding the TunnelMode builder method and application/remove
 methods. These will not land by the time the next API
 stabilizes, so better to hide them now that this is a
 near-certainty. Expectation is to un-hide them in the subsequent
 API bump.

Bug: 36073210
Test: Compilation, verified nobody is calling these stubs
Change-Id: Ic1a3f2cf7128633318ac175d6b56b45eb8d21cab
(cherry picked from commit 48b56655)
parent eece454d
+0 −1
@@ -25590,7 +25590,6 @@ package android.net {
    method public android.net.IpSecTransform.Builder setAuthentication(int, android.net.IpSecAlgorithm);
    method public android.net.IpSecTransform.Builder setEncryption(int, android.net.IpSecAlgorithm);
    method public android.net.IpSecTransform.Builder setIpv4Encapsulation(android.net.IpSecManager.UdpEncapsulationSocket, int);
    method public android.net.IpSecTransform.Builder setSpi(int, int);
    method public android.net.IpSecTransform.Builder setSpi(int, android.net.IpSecManager.SecurityParameterIndex);
  }
+0 −4
@@ -27718,12 +27718,10 @@ package android.net {
  public final class IpSecManager {
    method public void applyTransportModeTransform(java.net.Socket, android.net.IpSecTransform) throws java.io.IOException;
    method public void applyTransportModeTransform(java.net.DatagramSocket, android.net.IpSecTransform) throws java.io.IOException;
    method public void applyTunnelModeTransform(android.net.Network, android.net.IpSecTransform);
    method public android.net.IpSecManager.UdpEncapsulationSocket openUdpEncapsulationSocket(int) throws java.io.IOException, android.net.IpSecManager.ResourceUnavailableException;
    method public android.net.IpSecManager.UdpEncapsulationSocket openUdpEncapsulationSocket() throws java.io.IOException, android.net.IpSecManager.ResourceUnavailableException;
    method public void removeTransportModeTransform(java.net.Socket, android.net.IpSecTransform);
    method public void removeTransportModeTransform(java.net.DatagramSocket, android.net.IpSecTransform);
    method public void removeTunnelModeTransform(android.net.Network, android.net.IpSecTransform);
    method public android.net.IpSecManager.SecurityParameterIndex reserveSecurityParameterIndex(int, java.net.InetAddress, int) throws android.net.IpSecManager.ResourceUnavailableException, android.net.IpSecManager.SpiUnavailableException;
    field public static final int INVALID_SECURITY_PARAMETER_INDEX = 0; // 0x0
  }
@@ -27755,12 +27753,10 @@ package android.net {
  public static class IpSecTransform.Builder {
    ctor public IpSecTransform.Builder(android.content.Context);
    method public android.net.IpSecTransform buildTransportModeTransform(java.net.InetAddress) throws java.io.IOException, android.net.IpSecManager.ResourceUnavailableException, android.net.IpSecManager.SpiUnavailableException;
    method public android.net.IpSecTransform buildTunnelModeTransform(java.net.InetAddress, java.net.InetAddress);
    method public android.net.IpSecTransform.Builder setAuthentication(int, android.net.IpSecAlgorithm);
    method public android.net.IpSecTransform.Builder setEncryption(int, android.net.IpSecAlgorithm);
    method public android.net.IpSecTransform.Builder setIpv4Encapsulation(android.net.IpSecManager.UdpEncapsulationSocket, int);
    method public android.net.IpSecTransform.Builder setNattKeepalive(int);
    method public android.net.IpSecTransform.Builder setSpi(int, int);
    method public android.net.IpSecTransform.Builder setSpi(int, android.net.IpSecManager.SecurityParameterIndex);
    method public android.net.IpSecTransform.Builder setUnderlyingNetwork(android.net.Network);
  }
+0 −1
@@ -25703,7 +25703,6 @@ package android.net {
    method public android.net.IpSecTransform.Builder setAuthentication(int, android.net.IpSecAlgorithm);
    method public android.net.IpSecTransform.Builder setEncryption(int, android.net.IpSecAlgorithm);
    method public android.net.IpSecTransform.Builder setIpv4Encapsulation(android.net.IpSecManager.UdpEncapsulationSocket, int);
    method public android.net.IpSecTransform.Builder setSpi(int, int);
    method public android.net.IpSecTransform.Builder setSpi(int, android.net.IpSecManager.SecurityParameterIndex);
  }
+0 −2
@@ -197,7 +197,6 @@ public final class IpSecManager {
     * @param transform an {@link IpSecTransform}, which must be an active Tunnel Mode transform.
     * @hide
     */
    @SystemApi
    public void applyTunnelModeTransform(Network net, IpSecTransform transform) {}

    /**
@@ -242,7 +241,6 @@ public final class IpSecManager {
     *     network
     * @hide
     */
    @SystemApi
    public void removeTunnelModeTransform(Network net, IpSecTransform transform) {}

    /**
+3 −27
@@ -305,32 +305,9 @@ public final class IpSecTransform implements AutoCloseable {
         * given destination address.
         *
         * <p>Care should be chosen when selecting an SPI to ensure that is is as unique as
         * possible. Random number generation is a reasonable approach to selecting an SPI. For
         * outbound SPIs, they must be reserved by calling {@link
         * IpSecManager#reserveSecurityParameterIndex(int, InetAddress, int)}. Otherwise, Transforms will
         * fail to build.
         *
         * <p>Unless an SPI is set for a given direction, traffic in that direction will be
         * sent/received without any IPsec applied.
         *
         * @param direction either {@link #DIRECTION_IN or #DIRECTION_OUT}
         * @param spi a unique 32-bit integer to identify transformed traffic
         */
        public IpSecTransform.Builder setSpi(@TransformDirection int direction, int spi) {
            mConfig.flow[direction].spi = spi;
            return this;
        }

        /**
         * Set the SPI, which uniquely identifies a particular IPsec session from others. Because
         * IPsec operates at the IP layer, this 32-bit identifier uniquely identifies packets to a
         * given destination address.
         *
         * <p>Care should be chosen when selecting an SPI to ensure that is is as unique as
         * possible. Random number generation is a reasonable approach to selecting an SPI. For
         * outbound SPIs, they must be reserved by calling {@link
         * IpSecManager#reserveSecurityParameterIndex(int, InetAddress, int)}. Otherwise, Transforms will
         * fail to activate.
         * possible. To reserve a value call {@link IpSecManager#reserveSecurityParameterIndex(int,
         * InetAddress, int)}. Otherwise, SPI collisions would prevent a transform from being
         * activated. IpSecManager#reserveSecurityParameterIndex(int, InetAddres$s, int)}.
         *
         * <p>Unless an SPI is set for a given direction, traffic in that direction will be
         * sent/received without any IPsec applied.
@@ -447,7 +424,6 @@ public final class IpSecTransform implements AutoCloseable {
         *     properties is invalid.
         * @hide
         */
        @SystemApi
        public IpSecTransform buildTunnelModeTransform(
                InetAddress localAddress, InetAddress remoteAddress) {
            //FIXME: argument validation here
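Review bot: The rewritten setSpi Javadoc in the first hunk ends in a leftover editing fragment on the line ` * activated. IpSecManager#reserveSecurityParameterIndex(int, InetAddres$s, int)}.` — a second, unlinked copy of the reservation reference with a stray `$` and an unbalanced `}` that Javadoc will render verbatim. The preceding sentence is already complete, so that line should read just ` * activated.`. While this paragraph is being touched, the pre-existing typo on the context line `ensure that is is as unique as possible` could become `ensure that it is as unique as possible`. This Javadoc belongs to the surviving setSpi(int, SecurityParameterIndex) overload, whose declaration lies outside the hunk, and the second hunk's buildTunnelModeTransform likewise continues past the end of the hunk.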