Merge changes from topics "encrypted-tunnel-interface", "iketunnelparams",...

    method @NonNull public android.net.vcn.VcnConfig build();

  }

  public abstract class VcnControlPlaneConfig {

  }

  public final class VcnControlPlaneIkeConfig extends android.net.vcn.VcnControlPlaneConfig {

    ctor public VcnControlPlaneIkeConfig(@NonNull android.net.ipsec.ike.IkeSessionParams, @NonNull android.net.ipsec.ike.TunnelModeChildSessionParams);

    method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams getChildSessionParams();

    method @NonNull public android.net.ipsec.ike.IkeSessionParams getIkeSessionParams();

  }

  public final class VcnGatewayConnectionConfig {

    method @NonNull public int[] getExposedCapabilities();

    method @NonNull public String getGatewayConnectionName();

  }

  public static final class VcnGatewayConnectionConfig.Builder {

    ctor public VcnGatewayConnectionConfig.Builder(@NonNull String, @NonNull android.net.vcn.VcnControlPlaneConfig);

    ctor public VcnGatewayConnectionConfig.Builder(@NonNull String, @NonNull android.net.TunnelConnectionParams);

    method @NonNull public android.net.vcn.VcnGatewayConnectionConfig.Builder addExposedCapability(int);

    method @NonNull public android.net.vcn.VcnGatewayConnectionConfig build();

    method @NonNull public android.net.vcn.VcnGatewayConnectionConfig.Builder removeExposedCapability(int);

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.net.vcn;

import android.annotation.IntDef;

import android.annotation.NonNull;

import android.os.PersistableBundle;

import java.lang.annotation.Retention;

import java.lang.annotation.RetentionPolicy;

import java.util.Objects;

/**

 * This class represents a control plane configuration for a Virtual Carrier Network connection.

 *

 * <p>Each {@link VcnGatewayConnectionConfig} must have a {@link VcnControlPlaneConfig}, containing

 * all connection, authentication and authorization parameters required to establish a Gateway

 * Connection with a remote endpoint.

 *

 * <p>A {@link VcnControlPlaneConfig} object can be shared by multiple {@link

 * VcnGatewayConnectionConfig}(s) if they will used for connecting with the same remote endpoint.

 *

 * @see VcnManager

 * @see VcnGatewayConnectionConfig

 */

public abstract class VcnControlPlaneConfig {

    /** @hide */

    @Retention(RetentionPolicy.SOURCE)

    @IntDef({CONFIG_TYPE_IKE})

    public @interface ConfigType {}

    /** @hide */

    public static final int CONFIG_TYPE_IKE = 1;

    private static final String CONFIG_TYPE_KEY = "mConfigType";

    @ConfigType private final int mConfigType;

    /**

     * Package private constructor.

     *

     * @hide

     */

    VcnControlPlaneConfig(int configType) {

        mConfigType = configType;

    }

    /**

     * Constructs a VcnControlPlaneConfig object by deserializing a PersistableBundle.

     *

     * @param in the {@link PersistableBundle} containing an {@link VcnControlPlaneConfig} object

     * @hide

     */

    public static VcnControlPlaneConfig fromPersistableBundle(@NonNull PersistableBundle in) {

        Objects.requireNonNull(in, "PersistableBundle was null");

        int configType = in.getInt(CONFIG_TYPE_KEY);

        switch (configType) {

            case CONFIG_TYPE_IKE:

                return new VcnControlPlaneIkeConfig(in);

            default:

                throw new IllegalStateException("Unrecognized configType: " + configType);

        }

    }

    /**

     * Converts this VcnControlPlaneConfig to a PersistableBundle.

     *

     * @hide

     */

    @NonNull

    public PersistableBundle toPersistableBundle() {

        final PersistableBundle result = new PersistableBundle();

        result.putInt(CONFIG_TYPE_KEY, mConfigType);

        return result;

    }

    /** @hide */

    @Override

    public int hashCode() {

        return Objects.hash(mConfigType);

    }

    /** @hide */

    @Override

    public boolean equals(Object o) {

        if (!(o instanceof VcnControlPlaneConfig)) {

            return false;

        }

        return mConfigType == ((VcnControlPlaneConfig) o).mConfigType;

    }

    /**

     * Returns a deep copy of this object.

     *

     * @hide

     */

    public abstract VcnControlPlaneConfig copy();

}

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.net.vcn;

import static android.net.vcn.VcnControlPlaneConfig.CONFIG_TYPE_IKE;

import android.annotation.NonNull;

import android.net.ipsec.ike.IkeSessionParams;

import android.net.ipsec.ike.TunnelModeChildSessionParams;

import android.net.vcn.persistablebundleutils.IkeSessionParamsUtils;

import android.net.vcn.persistablebundleutils.TunnelModeChildSessionParamsUtils;

import android.os.PersistableBundle;

import android.util.ArraySet;

import android.util.Log;

import java.util.Objects;

/**

 * This class is an IKEv2 control plane configuration for a Virtual Carrier Network connection.

 *

 * <p>This class is an extension of the {@link VcnControlPlaneConfig}, containing IKEv2-specific

 * configuration, authentication and authorization parameters.

 *

 * @see VcnControlPlaneConfig

 */

public final class VcnControlPlaneIkeConfig extends VcnControlPlaneConfig {

    private static final String TAG = VcnControlPlaneIkeConfig.class.getSimpleName();

    private static final String IKE_PARAMS_KEY = "mIkeParams";

    @NonNull private final IkeSessionParams mIkeParams;

    private static final String CHILD_PARAMS_KEY = "mChildParams";

    @NonNull private final TunnelModeChildSessionParams mChildParams;

    private static final ArraySet<String> BUNDLE_KEY_SET = new ArraySet<>();

    {

        BUNDLE_KEY_SET.add(IKE_PARAMS_KEY);

        BUNDLE_KEY_SET.add(CHILD_PARAMS_KEY);

    }

    /**

     * Constructs a VcnControlPlaneIkeConfig object.

     *

     * @param ikeParams the IKE Session negotiation parameters

     * @param childParams the tunnel mode Child Session negotiation parameters

     */

    public VcnControlPlaneIkeConfig(

            @NonNull IkeSessionParams ikeParams,

            @NonNull TunnelModeChildSessionParams childParams) {

        super(CONFIG_TYPE_IKE);

        mIkeParams = ikeParams;

        mChildParams = childParams;

        validate();

    }

    /**

     * Constructs a VcnControlPlaneIkeConfig object by deserializing a PersistableBundle.

     *

     * @param in the {@link PersistableBundle} containing an {@link VcnControlPlaneIkeConfig} object

     * @hide

     */

    public VcnControlPlaneIkeConfig(@NonNull PersistableBundle in) {

        super(CONFIG_TYPE_IKE);

        final PersistableBundle ikeParamsBundle = in.getPersistableBundle(IKE_PARAMS_KEY);

        final PersistableBundle childParamsBundle = in.getPersistableBundle(CHILD_PARAMS_KEY);

        Objects.requireNonNull(ikeParamsBundle, "IKE Session Params was null");

        Objects.requireNonNull(childParamsBundle, "Child Session Params was null");

        mIkeParams = IkeSessionParamsUtils.fromPersistableBundle(ikeParamsBundle);

        mChildParams = TunnelModeChildSessionParamsUtils.fromPersistableBundle(childParamsBundle);

        for (String key : in.keySet()) {

            if (!BUNDLE_KEY_SET.contains(key)) {

                Log.w(TAG, "Found an unexpected key in the PersistableBundle: " + key);

            }

        }

        validate();

    }

    private void validate() {

        Objects.requireNonNull(mIkeParams, "mIkeParams was null");

        Objects.requireNonNull(mChildParams, "mChildParams was null");

    }

    /**

     * Converts this VcnControlPlaneConfig to a PersistableBundle.

     *

     * @hide

     */

    @Override

    @NonNull

    public PersistableBundle toPersistableBundle() {

        final PersistableBundle result = super.toPersistableBundle();

        result.putPersistableBundle(

                IKE_PARAMS_KEY, IkeSessionParamsUtils.toPersistableBundle(mIkeParams));

        result.putPersistableBundle(

                CHILD_PARAMS_KEY,

                TunnelModeChildSessionParamsUtils.toPersistableBundle(mChildParams));

        return result;

    }

    /** Retrieves the IKE Session configuration. */

    @NonNull

    public IkeSessionParams getIkeSessionParams() {

        return mIkeParams;

    }

    /** Retrieves the tunnel mode Child Session configuration. */

    @NonNull

    public TunnelModeChildSessionParams getChildSessionParams() {

        return mChildParams;

    }

    /** @hide */

    @Override

    public int hashCode() {

        return Objects.hash(super.hashCode(), mIkeParams, mChildParams);

    }

    /** @hide */

    @Override

    public boolean equals(Object o) {

        if (!(o instanceof VcnControlPlaneIkeConfig)) {

            return false;

        }

        VcnControlPlaneIkeConfig other = (VcnControlPlaneIkeConfig) o;

        return super.equals(o)

                && Objects.equals(mIkeParams, other.mIkeParams)

                && Objects.equals(mChildParams, other.mChildParams);

    }

    /** @hide */

    @Override

    public VcnControlPlaneConfig copy() {

        return new VcnControlPlaneIkeConfig(

                new IkeSessionParams.Builder(mIkeParams).build(),

                new TunnelModeChildSessionParams.Builder(mChildParams).build());

    }

}

import android.annotation.SuppressLint;

import android.net.Network;

import android.net.NetworkCapabilities;

import android.net.TunnelConnectionParams;

import android.net.vcn.persistablebundleutils.TunnelConnectionParamsUtils;

import android.os.PersistableBundle;

import android.util.ArraySet;

    private static final String GATEWAY_CONNECTION_NAME_KEY = "mGatewayConnectionName";

    @NonNull private final String mGatewayConnectionName;

    private static final String CTRL_PLANE_CONFIG_KEY = "mCtrlPlaneConfig";

    @NonNull private VcnControlPlaneConfig mCtrlPlaneConfig;

    private static final String TUNNEL_CONNECTION_PARAMS_KEY = "mTunnelConnectionParams";

    @NonNull private TunnelConnectionParams mTunnelConnectionParams;

    private static final String EXPOSED_CAPABILITIES_KEY = "mExposedCapabilities";

    @NonNull private final SortedSet<Integer> mExposedCapabilities;

    /** Builds a VcnGatewayConnectionConfig with the specified parameters. */

    private VcnGatewayConnectionConfig(

            @NonNull String gatewayConnectionName,

            @NonNull VcnControlPlaneConfig ctrlPlaneConfig,

            @NonNull TunnelConnectionParams tunnelConnectionParams,

            @NonNull Set<Integer> exposedCapabilities,

            @NonNull Set<Integer> underlyingCapabilities,

            @NonNull long[] retryIntervalsMs,

            @IntRange(from = MIN_MTU_V6) int maxMtu) {

        mGatewayConnectionName = gatewayConnectionName;

        mCtrlPlaneConfig = ctrlPlaneConfig;

        mTunnelConnectionParams = tunnelConnectionParams;

        mExposedCapabilities = new TreeSet(exposedCapabilities);

        mUnderlyingCapabilities = new TreeSet(underlyingCapabilities);

        mRetryIntervalsMs = retryIntervalsMs;

    /** @hide */

    @VisibleForTesting(visibility = Visibility.PRIVATE)

    public VcnGatewayConnectionConfig(@NonNull PersistableBundle in) {

        final PersistableBundle ctrlPlaneConfigBundle =

                in.getPersistableBundle(CTRL_PLANE_CONFIG_KEY);

        Objects.requireNonNull(ctrlPlaneConfigBundle, "ctrlPlaneConfigBundle was null");

        final PersistableBundle tunnelConnectionParamsBundle =

                in.getPersistableBundle(TUNNEL_CONNECTION_PARAMS_KEY);

        Objects.requireNonNull(

                tunnelConnectionParamsBundle, "tunnelConnectionParamsBundle was null");

        final PersistableBundle exposedCapsBundle =

                in.getPersistableBundle(EXPOSED_CAPABILITIES_KEY);

                in.getPersistableBundle(UNDERLYING_CAPABILITIES_KEY);

        mGatewayConnectionName = in.getString(GATEWAY_CONNECTION_NAME_KEY);

        mCtrlPlaneConfig = VcnControlPlaneConfig.fromPersistableBundle(ctrlPlaneConfigBundle);

        mTunnelConnectionParams =

                TunnelConnectionParamsUtils.fromPersistableBundle(tunnelConnectionParamsBundle);

        mExposedCapabilities = new TreeSet<>(PersistableBundleUtils.toList(

                exposedCapsBundle, PersistableBundleUtils.INTEGER_DESERIALIZER));

        mUnderlyingCapabilities = new TreeSet<>(PersistableBundleUtils.toList(

    private void validate() {

        Objects.requireNonNull(mGatewayConnectionName, "gatewayConnectionName was null");

        Objects.requireNonNull(mCtrlPlaneConfig, "control plane config was null");

        Objects.requireNonNull(mTunnelConnectionParams, "tunnel connection parameter was null");

        Preconditions.checkArgument(

                mExposedCapabilities != null && !mExposedCapabilities.isEmpty(),

    }

    /**

     * Returns control plane configuration.

     * Returns tunnel connection parameters.

     *

     * @hide

     */

    @NonNull

    public VcnControlPlaneConfig getControlPlaneConfig() {

        return mCtrlPlaneConfig.copy();

    public TunnelConnectionParams getTunnelConnectionParams() {

        return mTunnelConnectionParams;

    }

    /**

    public PersistableBundle toPersistableBundle() {

        final PersistableBundle result = new PersistableBundle();

        final PersistableBundle ctrlPlaneConfigBundle = mCtrlPlaneConfig.toPersistableBundle();

        final PersistableBundle tunnelConnectionParamsBundle =

                TunnelConnectionParamsUtils.toPersistableBundle(mTunnelConnectionParams);

        final PersistableBundle exposedCapsBundle =

                PersistableBundleUtils.fromList(

                        new ArrayList<>(mExposedCapabilities),

                        PersistableBundleUtils.INTEGER_SERIALIZER);

        result.putString(GATEWAY_CONNECTION_NAME_KEY, mGatewayConnectionName);

        result.putPersistableBundle(CTRL_PLANE_CONFIG_KEY, ctrlPlaneConfigBundle);

        result.putPersistableBundle(TUNNEL_CONNECTION_PARAMS_KEY, tunnelConnectionParamsBundle);

        result.putPersistableBundle(EXPOSED_CAPABILITIES_KEY, exposedCapsBundle);

        result.putPersistableBundle(UNDERLYING_CAPABILITIES_KEY, underlyingCapsBundle);

        result.putLongArray(RETRY_INTERVAL_MS_KEY, mRetryIntervalsMs);

     */

    public static final class Builder {

        @NonNull private final String mGatewayConnectionName;

        @NonNull private final VcnControlPlaneConfig mCtrlPlaneConfig;

        @NonNull private final TunnelConnectionParams mTunnelConnectionParams;

        @NonNull private final Set<Integer> mExposedCapabilities = new ArraySet();

        @NonNull private final Set<Integer> mUnderlyingCapabilities = new ArraySet();

        @NonNull private long[] mRetryIntervalsMs = DEFAULT_RETRY_INTERVALS_MS;

         *     VcnConfig} must be given a unique name. This name is used by the caller to

         *     distinguish between VcnGatewayConnectionConfigs configured on a single {@link

         *     VcnConfig}. This will be used as the identifier in VcnStatusCallback invocations.

         * @param ctrlPlaneConfig the control plane configuration

         * @see VcnControlPlaneConfig

         * @param tunnelConnectionParams the tunnel connection configuration

         * @see TunnelConnectionParams

         * @see VcnManager.VcnStatusCallback#onGatewayConnectionError

         */

        public Builder(

                @NonNull String gatewayConnectionName,

                @NonNull VcnControlPlaneConfig ctrlPlaneConfig) {

                @NonNull TunnelConnectionParams tunnelConnectionParams) {

            Objects.requireNonNull(gatewayConnectionName, "gatewayConnectionName was null");

            Objects.requireNonNull(ctrlPlaneConfig, "ctrlPlaneConfig was null");

            Objects.requireNonNull(tunnelConnectionParams, "tunnelConnectionParams was null");

            mGatewayConnectionName = gatewayConnectionName;

            mCtrlPlaneConfig = ctrlPlaneConfig;

            mTunnelConnectionParams = tunnelConnectionParams;

        }

        /**

        public VcnGatewayConnectionConfig build() {

            return new VcnGatewayConnectionConfig(

                    mGatewayConnectionName,

                    mCtrlPlaneConfig,

                    mTunnelConnectionParams,

                    mExposedCapabilities,

                    mUnderlyingCapabilities,

                    mRetryIntervalsMs,

import android.net.NetworkScore;

import android.net.RouteInfo;

import android.net.TelephonyNetworkSpecifier;

import android.net.TunnelConnectionParams;

import android.net.Uri;

import android.net.annotations.PolicyDirection;

import android.net.ipsec.ike.ChildSessionCallback;

import android.net.ipsec.ike.IkeSessionCallback;

import android.net.ipsec.ike.IkeSessionConfiguration;

import android.net.ipsec.ike.IkeSessionParams;

import android.net.ipsec.ike.IkeTunnelConnectionParams;

import android.net.ipsec.ike.exceptions.IkeException;

import android.net.ipsec.ike.exceptions.IkeInternalException;

import android.net.ipsec.ike.exceptions.IkeProtocolException;

import android.net.vcn.VcnControlPlaneIkeConfig;

import android.net.vcn.VcnGatewayConnectionConfig;

import android.net.vcn.VcnTransportInfo;

import android.net.wifi.WifiInfo;

            @NonNull IpSecTunnelInterface tunnelIface,

            @NonNull VcnChildSessionConfiguration childConfig,

            @Nullable UnderlyingNetworkRecord underlying) {

        final VcnControlPlaneIkeConfig controlPlaneConfig =

                (VcnControlPlaneIkeConfig) gatewayConnectionConfig.getControlPlaneConfig();

        final TunnelConnectionParams tunnelParams =

                gatewayConnectionConfig.getTunnelConnectionParams();

        if (!(tunnelParams instanceof IkeTunnelConnectionParams)) {

            throw new IllegalStateException(

                    "TunnelConnectionParams is not IkeTunnelConnectionParams");

        }

        final IkeTunnelConnectionParams ikeTunnelParams = (IkeTunnelConnectionParams) tunnelParams;

        final LinkProperties lp = new LinkProperties();

        lp.setInterfaceName(tunnelIface.getInterfaceName());

        final int underlyingMtu = (underlying == null) ? 0 : underlying.linkProperties.getMtu();

        lp.setMtu(

                MtuUtils.getMtu(

                        controlPlaneConfig.getChildSessionParams().getSaProposals(),

                        ikeTunnelParams.getTunnelModeChildSessionParams().getSaProposals(),

                        gatewayConnectionConfig.getMaxMtu(),

                        underlyingMtu));

    }

    private IkeSessionParams buildIkeParams(@NonNull Network network) {

        final VcnControlPlaneIkeConfig controlPlaneConfig =

                (VcnControlPlaneIkeConfig) mConnectionConfig.getControlPlaneConfig();

        final TunnelConnectionParams tunnelConnectionParams =

                mConnectionConfig.getTunnelConnectionParams();

        if (tunnelConnectionParams instanceof IkeTunnelConnectionParams) {

            final IkeTunnelConnectionParams ikeTunnelConnectionParams =

                    (IkeTunnelConnectionParams) tunnelConnectionParams;

            final IkeSessionParams.Builder builder =

                new IkeSessionParams.Builder(controlPlaneConfig.getIkeSessionParams());

                    new IkeSessionParams.Builder(ikeTunnelConnectionParams.getIkeSessionParams());

            builder.setNetwork(network);

            return builder.build();

        }

        throw new IllegalStateException("TunnelConnectionParams is not IkeTunnelConnectionParams");

    }

    private ChildSessionParams buildChildParams() {

        final VcnControlPlaneIkeConfig controlPlaneConfig =

                (VcnControlPlaneIkeConfig) mConnectionConfig.getControlPlaneConfig();

        return controlPlaneConfig.getChildSessionParams();

        final TunnelConnectionParams tunnelConnectionParams =

                mConnectionConfig.getTunnelConnectionParams();

        if (tunnelConnectionParams instanceof IkeTunnelConnectionParams) {

            return ((IkeTunnelConnectionParams) tunnelConnectionParams)

                    .getTunnelModeChildSessionParams();

        }

        throw new IllegalStateException("TunnelConnectionParams is not IkeTunnelConnectionParams");

    }

    @VisibleForTesting(visibility = Visibility.PRIVATE)