Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 99c50add authored by Nathan Harold's avatar Nathan Harold Committed by android-build-merger
Browse files

IpSecManager and IpSecAlgorithm API Tweaks am: 6045429b

am: 9c2428ad

Change-Id: I6f7e2011a273d10386b72391d12a0ce55f18ffd7
parents 7c1460f3 9c2428ad
Loading
Loading
Loading
Loading
+7 −6
Original line number Diff line number Diff line
@@ -23884,13 +23884,13 @@ package android.net {
    method public java.lang.String getName();
    method public int getTruncationLengthBits();
    method public void writeToParcel(android.os.Parcel, int);
    field public static final java.lang.String ALGO_AUTH_HMAC_MD5 = "hmac(md5)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA1 = "hmac(sha1)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA256 = "hmac(sha256)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA384 = "hmac(sha384)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA512 = "hmac(sha512)";
    field public static final java.lang.String ALGO_CRYPT_AES_CBC = "cbc(aes)";
    field public static final java.lang.String AUTH_HMAC_MD5 = "hmac(md5)";
    field public static final java.lang.String AUTH_HMAC_SHA1 = "hmac(sha1)";
    field public static final java.lang.String AUTH_HMAC_SHA256 = "hmac(sha256)";
    field public static final java.lang.String AUTH_HMAC_SHA384 = "hmac(sha384)";
    field public static final java.lang.String AUTH_HMAC_SHA512 = "hmac(sha512)";
    field public static final android.os.Parcelable.Creator<android.net.IpSecAlgorithm> CREATOR;
    field public static final java.lang.String CRYPT_AES_CBC = "cbc(aes)";
  }
  public final class IpSecManager {
@@ -23900,6 +23900,7 @@ package android.net {
    method public android.net.IpSecManager.UdpEncapsulationSocket openUdpEncapsulationSocket() throws java.io.IOException, android.net.IpSecManager.ResourceUnavailableException;
    method public void removeTransportModeTransform(java.net.Socket, android.net.IpSecTransform);
    method public void removeTransportModeTransform(java.net.DatagramSocket, android.net.IpSecTransform);
    method public android.net.IpSecManager.SecurityParameterIndex reserveSecurityParameterIndex(int, java.net.InetAddress) throws android.net.IpSecManager.ResourceUnavailableException;
    method public android.net.IpSecManager.SecurityParameterIndex reserveSecurityParameterIndex(int, java.net.InetAddress, int) throws android.net.IpSecManager.ResourceUnavailableException, android.net.IpSecManager.SpiUnavailableException;
    field public static final int INVALID_SECURITY_PARAMETER_INDEX = 0; // 0x0
  }
+7 −6
Original line number Diff line number Diff line
@@ -25722,13 +25722,13 @@ package android.net {
    method public java.lang.String getName();
    method public int getTruncationLengthBits();
    method public void writeToParcel(android.os.Parcel, int);
    field public static final java.lang.String ALGO_AUTH_HMAC_MD5 = "hmac(md5)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA1 = "hmac(sha1)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA256 = "hmac(sha256)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA384 = "hmac(sha384)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA512 = "hmac(sha512)";
    field public static final java.lang.String ALGO_CRYPT_AES_CBC = "cbc(aes)";
    field public static final java.lang.String AUTH_HMAC_MD5 = "hmac(md5)";
    field public static final java.lang.String AUTH_HMAC_SHA1 = "hmac(sha1)";
    field public static final java.lang.String AUTH_HMAC_SHA256 = "hmac(sha256)";
    field public static final java.lang.String AUTH_HMAC_SHA384 = "hmac(sha384)";
    field public static final java.lang.String AUTH_HMAC_SHA512 = "hmac(sha512)";
    field public static final android.os.Parcelable.Creator<android.net.IpSecAlgorithm> CREATOR;
    field public static final java.lang.String CRYPT_AES_CBC = "cbc(aes)";
  }
  public final class IpSecManager {
@@ -25738,6 +25738,7 @@ package android.net {
    method public android.net.IpSecManager.UdpEncapsulationSocket openUdpEncapsulationSocket() throws java.io.IOException, android.net.IpSecManager.ResourceUnavailableException;
    method public void removeTransportModeTransform(java.net.Socket, android.net.IpSecTransform);
    method public void removeTransportModeTransform(java.net.DatagramSocket, android.net.IpSecTransform);
    method public android.net.IpSecManager.SecurityParameterIndex reserveSecurityParameterIndex(int, java.net.InetAddress) throws android.net.IpSecManager.ResourceUnavailableException;
    method public android.net.IpSecManager.SecurityParameterIndex reserveSecurityParameterIndex(int, java.net.InetAddress, int) throws android.net.IpSecManager.ResourceUnavailableException, android.net.IpSecManager.SpiUnavailableException;
    field public static final int INVALID_SECURITY_PARAMETER_INDEX = 0; // 0x0
  }
+7 −6
Original line number Diff line number Diff line
@@ -23958,13 +23958,13 @@ package android.net {
    method public java.lang.String getName();
    method public int getTruncationLengthBits();
    method public void writeToParcel(android.os.Parcel, int);
    field public static final java.lang.String ALGO_AUTH_HMAC_MD5 = "hmac(md5)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA1 = "hmac(sha1)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA256 = "hmac(sha256)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA384 = "hmac(sha384)";
    field public static final java.lang.String ALGO_AUTH_HMAC_SHA512 = "hmac(sha512)";
    field public static final java.lang.String ALGO_CRYPT_AES_CBC = "cbc(aes)";
    field public static final java.lang.String AUTH_HMAC_MD5 = "hmac(md5)";
    field public static final java.lang.String AUTH_HMAC_SHA1 = "hmac(sha1)";
    field public static final java.lang.String AUTH_HMAC_SHA256 = "hmac(sha256)";
    field public static final java.lang.String AUTH_HMAC_SHA384 = "hmac(sha384)";
    field public static final java.lang.String AUTH_HMAC_SHA512 = "hmac(sha512)";
    field public static final android.os.Parcelable.Creator<android.net.IpSecAlgorithm> CREATOR;
    field public static final java.lang.String CRYPT_AES_CBC = "cbc(aes)";
  }
  public final class IpSecManager {
@@ -23974,6 +23974,7 @@ package android.net {
    method public android.net.IpSecManager.UdpEncapsulationSocket openUdpEncapsulationSocket() throws java.io.IOException, android.net.IpSecManager.ResourceUnavailableException;
    method public void removeTransportModeTransform(java.net.Socket, android.net.IpSecTransform);
    method public void removeTransportModeTransform(java.net.DatagramSocket, android.net.IpSecTransform);
    method public android.net.IpSecManager.SecurityParameterIndex reserveSecurityParameterIndex(int, java.net.InetAddress) throws android.net.IpSecManager.ResourceUnavailableException;
    method public android.net.IpSecManager.SecurityParameterIndex reserveSecurityParameterIndex(int, java.net.InetAddress, int) throws android.net.IpSecManager.ResourceUnavailableException, android.net.IpSecManager.SpiUnavailableException;
    field public static final int INVALID_SECURITY_PARAMETER_INDEX = 0; // 0x0
  }
+17 −17
Original line number Diff line number Diff line
@@ -32,7 +32,7 @@ public final class IpSecAlgorithm implements Parcelable {
     *
     * <p>Valid lengths for this key are {128, 192, 256}.
     */
    public static final String ALGO_CRYPT_AES_CBC = "cbc(aes)";
    public static final String CRYPT_AES_CBC = "cbc(aes)";

    /**
     * MD5 HMAC Authentication/Integrity Algorithm. This algorithm is not recommended for use in new
@@ -40,7 +40,7 @@ public final class IpSecAlgorithm implements Parcelable {
     *
     * <p>Valid truncation lengths are multiples of 8 bits from 96 to (default) 128.
     */
    public static final String ALGO_AUTH_HMAC_MD5 = "hmac(md5)";
    public static final String AUTH_HMAC_MD5 = "hmac(md5)";

    /**
     * SHA1 HMAC Authentication/Integrity Algorithm. This algorithm is not recommended for use in
@@ -48,35 +48,35 @@ public final class IpSecAlgorithm implements Parcelable {
     *
     * <p>Valid truncation lengths are multiples of 8 bits from 96 to (default) 160.
     */
    public static final String ALGO_AUTH_HMAC_SHA1 = "hmac(sha1)";
    public static final String AUTH_HMAC_SHA1 = "hmac(sha1)";

    /**
     * SHA256 HMAC Authentication/Integrity Algorithm.
     *
     * <p>Valid truncation lengths are multiples of 8 bits from 96 to (default) 256.
     */
    public static final String ALGO_AUTH_HMAC_SHA256 = "hmac(sha256)";
    public static final String AUTH_HMAC_SHA256 = "hmac(sha256)";

    /**
     * SHA384 HMAC Authentication/Integrity Algorithm.
     *
     * <p>Valid truncation lengths are multiples of 8 bits from 192 to (default) 384.
     */
    public static final String ALGO_AUTH_HMAC_SHA384 = "hmac(sha384)";
    public static final String AUTH_HMAC_SHA384 = "hmac(sha384)";
    /**
     * SHA512 HMAC Authentication/Integrity Algorithm
     *
     * <p>Valid truncation lengths are multiples of 8 bits from 256 to (default) 512.
     */
    public static final String ALGO_AUTH_HMAC_SHA512 = "hmac(sha512)";
    public static final String AUTH_HMAC_SHA512 = "hmac(sha512)";

    /** @hide */
    @StringDef({
        ALGO_CRYPT_AES_CBC,
        ALGO_AUTH_HMAC_MD5,
        ALGO_AUTH_HMAC_SHA1,
        ALGO_AUTH_HMAC_SHA256,
        ALGO_AUTH_HMAC_SHA512
        CRYPT_AES_CBC,
        AUTH_HMAC_MD5,
        AUTH_HMAC_SHA1,
        AUTH_HMAC_SHA256,
        AUTH_HMAC_SHA512
    })
    @Retention(RetentionPolicy.SOURCE)
    public @interface AlgorithmName {}
@@ -164,17 +164,17 @@ public final class IpSecAlgorithm implements Parcelable {

    private static boolean isTruncationLengthValid(String algo, int truncLenBits) {
        switch (algo) {
            case ALGO_CRYPT_AES_CBC:
            case CRYPT_AES_CBC:
                return (truncLenBits == 128 || truncLenBits == 192 || truncLenBits == 256);
            case ALGO_AUTH_HMAC_MD5:
            case AUTH_HMAC_MD5:
                return (truncLenBits >= 96 && truncLenBits <= 128);
            case ALGO_AUTH_HMAC_SHA1:
            case AUTH_HMAC_SHA1:
                return (truncLenBits >= 96 && truncLenBits <= 160);
            case ALGO_AUTH_HMAC_SHA256:
            case AUTH_HMAC_SHA256:
                return (truncLenBits >= 96 && truncLenBits <= 256);
            case ALGO_AUTH_HMAC_SHA384:
            case AUTH_HMAC_SHA384:
                return (truncLenBits >= 192 && truncLenBits <= 384);
            case ALGO_AUTH_HMAC_SHA512:
            case AUTH_HMAC_SHA512:
                return (truncLenBits >= 256 && truncLenBits <= 512);
            default:
                return false;
+30 −1
Original line number Diff line number Diff line
@@ -193,15 +193,44 @@ public final class IpSecManager {
     *
     * @param direction {@link IpSecTransform#DIRECTION_IN} or {@link IpSecTransform#DIRECTION_OUT}
     * @param remoteAddress address of the remote. SPIs must be unique for each remoteAddress.
     * @param requestedSpi the requested SPI, or '0' to allocate a random SPI.
     * @return the reserved SecurityParameterIndex
     * @throws ResourceUnavailableException indicating that too many SPIs are currently allocated
     *     for this user
     * @throws SpiUnavailableException indicating that a particular SPI cannot be reserved
     */
    public SecurityParameterIndex reserveSecurityParameterIndex(
            int direction, InetAddress remoteAddress)
            throws ResourceUnavailableException {
        try {
            return new SecurityParameterIndex(
                    mService,
                    direction,
                    remoteAddress,
                    IpSecManager.INVALID_SECURITY_PARAMETER_INDEX);
        } catch (SpiUnavailableException unlikely) {
            throw new ResourceUnavailableException("No SPIs available");
        }
    }

    /**
     * Reserve an SPI for traffic bound towards the specified remote address.
     *
     * <p>If successful, this SPI is guaranteed available until released by a call to {@link
     * SecurityParameterIndex#close()}.
     *
     * @param direction {@link IpSecTransform#DIRECTION_IN} or {@link IpSecTransform#DIRECTION_OUT}
     * @param remoteAddress address of the remote. SPIs must be unique for each remoteAddress.
     * @param requestedSpi the requested SPI, or '0' to allocate a random SPI.
     * @return the reserved SecurityParameterIndex
     * @throws ResourceUnavailableException indicating that too many SPIs are currently allocated
     *     for this user
     */
    public SecurityParameterIndex reserveSecurityParameterIndex(
            int direction, InetAddress remoteAddress, int requestedSpi)
            throws SpiUnavailableException, ResourceUnavailableException {
        if (requestedSpi == IpSecManager.INVALID_SECURITY_PARAMETER_INDEX) {
            throw new IllegalArgumentException("Requested SPI must be a valid (non-zero) SPI");
        }
        return new SecurityParameterIndex(mService, direction, remoteAddress, requestedSpi);
    }