-
IpSecConfig
-
TAG: String
-
mMode: int
-
mSourceAddress: String
-
mDestinationAddress: String
-
mNetwork: Network
-
mSpiResourceId: int
-
mEncryption: IpSecAlgorithm
-
mAuthentication: IpSecAlgorithm
-
mAuthenticatedEncryption: IpSecAlgorithm
-
mEncapType: int
-
mEncapSocketResourceId: int
-
mEncapRemotePort: int
-
mNattKeepaliveInterval: int
-
mMarkValue: int
-
mMarkMask: int
-
setMode(int): void
-
setSourceAddress(String): void
-
setDestinationAddress(String): void
-
setSpiResourceId(int): void
-
setEncryption(IpSecAlgorithm): void
-
setAuthentication(IpSecAlgorithm): void
-
setAuthenticatedEncryption(IpSecAlgorithm): void
-
setNetwork(Network): void
-
setEncapType(int): void
-
setEncapSocketResourceId(int): void
-
setEncapRemotePort(int): void
-
setNattKeepaliveInterval(int): void
-
setMarkValue(int): void
-
setMarkMask(int): void
-
getMode(): int
-
getSourceAddress(): String
-
getSpiResourceId(): int
-
getDestinationAddress(): String
-
getEncryption(): IpSecAlgorithm
-
getAuthentication(): IpSecAlgorithm
-
getAuthenticatedEncryption(): IpSecAlgorithm
-
getNetwork(): Network
-
getEncapType(): int
-
getEncapSocketResourceId(): int
-
getEncapRemotePort(): int
-
getNattKeepaliveInterval(): int
-
getMarkValue(): int
-
getMarkMask(): int
-
describeContents(): int
-
writeToParcel(Parcel, int): void
-
IpSecConfig(): void
-
IpSecConfig(IpSecConfig): void
-
IpSecConfig(Parcel): void
-
toString(): String
-
CREATOR: Creator<IpSecConfig>
-
equals(IpSecConfig, IpSecConfig): boolean
-
/*
* Copyright (C) 2017 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.net;
import android.os.Parcel;
import android.os.Parcelable;
import com.android.internal.annotations.VisibleForTesting;
This class encapsulates all the configuration parameters needed to create IPsec transforms and
policies.
@hide
/**
* This class encapsulates all the configuration parameters needed to create IPsec transforms and
* policies.
*
* @hide
*/
public final class IpSecConfig implements Parcelable {
private static final String TAG = "IpSecConfig";
// MODE_TRANSPORT or MODE_TUNNEL
private int mMode = IpSecTransform.MODE_TRANSPORT;
// Preventing this from being null simplifies Java->Native binder
private String mSourceAddress = "";
// Preventing this from being null simplifies Java->Native binder
private String mDestinationAddress = "";
// The underlying Network that represents the "gateway" Network
// for outbound packets. It may also be used to select packets.
private Network mNetwork;
// Minimum requirements for identifying a transform
// SPI identifying the IPsec SA in packet processing
// and a destination IP address
private int mSpiResourceId = IpSecManager.INVALID_RESOURCE_ID;
// Encryption Algorithm
private IpSecAlgorithm mEncryption;
// Authentication Algorithm
private IpSecAlgorithm mAuthentication;
// Authenticated Encryption Algorithm
private IpSecAlgorithm mAuthenticatedEncryption;
// For tunnel mode IPv4 UDP Encapsulation
// IpSecTransform#ENCAP_ESP_*, such as ENCAP_ESP_OVER_UDP_IKE
private int mEncapType = IpSecTransform.ENCAP_NONE;
private int mEncapSocketResourceId = IpSecManager.INVALID_RESOURCE_ID;
private int mEncapRemotePort;
// An interval, in seconds between the NattKeepalive packets
private int mNattKeepaliveInterval;
// XFRM mark and mask
private int mMarkValue;
private int mMarkMask;
Set the mode for this IPsec transform /** Set the mode for this IPsec transform */
public void setMode(int mode) {
mMode = mode;
}
Set the source IP addres for this IPsec transform /** Set the source IP addres for this IPsec transform */
public void setSourceAddress(String sourceAddress) {
mSourceAddress = sourceAddress;
}
Set the destination IP address for this IPsec transform /** Set the destination IP address for this IPsec transform */
public void setDestinationAddress(String destinationAddress) {
mDestinationAddress = destinationAddress;
}
Set the SPI by resource ID /** Set the SPI by resource ID */
public void setSpiResourceId(int resourceId) {
mSpiResourceId = resourceId;
}
Set the encryption algorithm /** Set the encryption algorithm */
public void setEncryption(IpSecAlgorithm encryption) {
mEncryption = encryption;
}
Set the authentication algorithm /** Set the authentication algorithm */
public void setAuthentication(IpSecAlgorithm authentication) {
mAuthentication = authentication;
}
Set the authenticated encryption algorithm /** Set the authenticated encryption algorithm */
public void setAuthenticatedEncryption(IpSecAlgorithm authenticatedEncryption) {
mAuthenticatedEncryption = authenticatedEncryption;
}
Set the underlying network that will carry traffic for this transform /** Set the underlying network that will carry traffic for this transform */
public void setNetwork(Network network) {
mNetwork = network;
}
public void setEncapType(int encapType) {
mEncapType = encapType;
}
public void setEncapSocketResourceId(int resourceId) {
mEncapSocketResourceId = resourceId;
}
public void setEncapRemotePort(int port) {
mEncapRemotePort = port;
}
public void setNattKeepaliveInterval(int interval) {
mNattKeepaliveInterval = interval;
}
public void setMarkValue(int mark) {
mMarkValue = mark;
}
public void setMarkMask(int mask) {
mMarkMask = mask;
}
// Transport or Tunnel
public int getMode() {
return mMode;
}
public String getSourceAddress() {
return mSourceAddress;
}
public int getSpiResourceId() {
return mSpiResourceId;
}
public String getDestinationAddress() {
return mDestinationAddress;
}
public IpSecAlgorithm getEncryption() {
return mEncryption;
}
public IpSecAlgorithm getAuthentication() {
return mAuthentication;
}
public IpSecAlgorithm getAuthenticatedEncryption() {
return mAuthenticatedEncryption;
}
public Network getNetwork() {
return mNetwork;
}
public int getEncapType() {
return mEncapType;
}
public int getEncapSocketResourceId() {
return mEncapSocketResourceId;
}
public int getEncapRemotePort() {
return mEncapRemotePort;
}
public int getNattKeepaliveInterval() {
return mNattKeepaliveInterval;
}
public int getMarkValue() {
return mMarkValue;
}
public int getMarkMask() {
return mMarkMask;
}
// Parcelable Methods
@Override
public int describeContents() {
return 0;
}
@Override
public void writeToParcel(Parcel out, int flags) {
out.writeInt(mMode);
out.writeString(mSourceAddress);
out.writeString(mDestinationAddress);
out.writeParcelable(mNetwork, flags);
out.writeInt(mSpiResourceId);
out.writeParcelable(mEncryption, flags);
out.writeParcelable(mAuthentication, flags);
out.writeParcelable(mAuthenticatedEncryption, flags);
out.writeInt(mEncapType);
out.writeInt(mEncapSocketResourceId);
out.writeInt(mEncapRemotePort);
out.writeInt(mNattKeepaliveInterval);
out.writeInt(mMarkValue);
out.writeInt(mMarkMask);
}
@VisibleForTesting
public IpSecConfig() {}
Copy constructor /** Copy constructor */
@VisibleForTesting
public IpSecConfig(IpSecConfig c) {
mMode = c.mMode;
mSourceAddress = c.mSourceAddress;
mDestinationAddress = c.mDestinationAddress;
mNetwork = c.mNetwork;
mSpiResourceId = c.mSpiResourceId;
mEncryption = c.mEncryption;
mAuthentication = c.mAuthentication;
mAuthenticatedEncryption = c.mAuthenticatedEncryption;
mEncapType = c.mEncapType;
mEncapSocketResourceId = c.mEncapSocketResourceId;
mEncapRemotePort = c.mEncapRemotePort;
mNattKeepaliveInterval = c.mNattKeepaliveInterval;
mMarkValue = c.mMarkValue;
mMarkMask = c.mMarkMask;
}
private IpSecConfig(Parcel in) {
mMode = in.readInt();
mSourceAddress = in.readString();
mDestinationAddress = in.readString();
mNetwork = (Network) in.readParcelable(Network.class.getClassLoader());
mSpiResourceId = in.readInt();
mEncryption =
(IpSecAlgorithm) in.readParcelable(IpSecAlgorithm.class.getClassLoader());
mAuthentication =
(IpSecAlgorithm) in.readParcelable(IpSecAlgorithm.class.getClassLoader());
mAuthenticatedEncryption =
(IpSecAlgorithm) in.readParcelable(IpSecAlgorithm.class.getClassLoader());
mEncapType = in.readInt();
mEncapSocketResourceId = in.readInt();
mEncapRemotePort = in.readInt();
mNattKeepaliveInterval = in.readInt();
mMarkValue = in.readInt();
mMarkMask = in.readInt();
}
@Override
public String toString() {
StringBuilder strBuilder = new StringBuilder();
strBuilder
.append("{mMode=")
.append(mMode == IpSecTransform.MODE_TUNNEL ? "TUNNEL" : "TRANSPORT")
.append(", mSourceAddress=")
.append(mSourceAddress)
.append(", mDestinationAddress=")
.append(mDestinationAddress)
.append(", mNetwork=")
.append(mNetwork)
.append(", mEncapType=")
.append(mEncapType)
.append(", mEncapSocketResourceId=")
.append(mEncapSocketResourceId)
.append(", mEncapRemotePort=")
.append(mEncapRemotePort)
.append(", mNattKeepaliveInterval=")
.append(mNattKeepaliveInterval)
.append("{mSpiResourceId=")
.append(mSpiResourceId)
.append(", mEncryption=")
.append(mEncryption)
.append(", mAuthentication=")
.append(mAuthentication)
.append(", mAuthenticatedEncryption=")
.append(mAuthenticatedEncryption)
.append(", mMarkValue=")
.append(mMarkValue)
.append(", mMarkMask=")
.append(mMarkMask)
.append("}");
return strBuilder.toString();
}
public static final Parcelable.Creator<IpSecConfig> CREATOR =
new Parcelable.Creator<IpSecConfig>() {
public IpSecConfig createFromParcel(Parcel in) {
return new IpSecConfig(in);
}
public IpSecConfig[] newArray(int size) {
return new IpSecConfig[size];
}
};
@VisibleForTesting
/** Equals method used for testing */
public static boolean equals(IpSecConfig lhs, IpSecConfig rhs) {
if (lhs == null || rhs == null) return (lhs == rhs);
return (lhs.mMode == rhs.mMode
&& lhs.mSourceAddress.equals(rhs.mSourceAddress)
&& lhs.mDestinationAddress.equals(rhs.mDestinationAddress)
&& ((lhs.mNetwork != null && lhs.mNetwork.equals(rhs.mNetwork))
|| (lhs.mNetwork == rhs.mNetwork))
&& lhs.mEncapType == rhs.mEncapType
&& lhs.mEncapSocketResourceId == rhs.mEncapSocketResourceId
&& lhs.mEncapRemotePort == rhs.mEncapRemotePort
&& lhs.mNattKeepaliveInterval == rhs.mNattKeepaliveInterval
&& lhs.mSpiResourceId == rhs.mSpiResourceId
&& IpSecAlgorithm.equals(lhs.mEncryption, rhs.mEncryption)
&& IpSecAlgorithm.equals(
lhs.mAuthenticatedEncryption, rhs.mAuthenticatedEncryption)
&& IpSecAlgorithm.equals(lhs.mAuthentication, rhs.mAuthentication)
&& lhs.mMarkValue == rhs.mMarkValue
&& lhs.mMarkMask == rhs.mMarkMask);
}
}