diff options
Diffstat (limited to 'src/java/com/android/ike/ikev2/IkeSessionOptions.java')
-rw-r--r-- | src/java/com/android/ike/ikev2/IkeSessionOptions.java | 122 |
1 files changed, 122 insertions, 0 deletions
diff --git a/src/java/com/android/ike/ikev2/IkeSessionOptions.java b/src/java/com/android/ike/ikev2/IkeSessionOptions.java new file mode 100644 index 00000000..9f2094f2 --- /dev/null +++ b/src/java/com/android/ike/ikev2/IkeSessionOptions.java @@ -0,0 +1,122 @@ +/* + * Copyright (C) 2019 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.ike.ikev2; + +import android.net.IpSecManager.UdpEncapsulationSocket; + +import com.android.ike.ikev2.message.IkePayload; + +import java.net.InetAddress; +import java.util.LinkedList; +import java.util.List; + +/** + * IkeSessionOptions contains all user provided configurations for negotiating an IKE SA. + * + * <p>TODO: Make this doc more user-friendly. + */ +public final class IkeSessionOptions { + private final InetAddress mServerAddress; + private final UdpEncapsulationSocket mUdpEncapSocket; + private final SaProposal[] mSaProposals; + private final boolean mIsIkeFragmentationSupported; + + private IkeSessionOptions( + InetAddress serverAddress, + UdpEncapsulationSocket udpEncapsulationSocket, + SaProposal[] proposals, + boolean isIkeFragmentationSupported) { + mServerAddress = serverAddress; + mUdpEncapSocket = udpEncapsulationSocket; + mSaProposals = proposals; + mIsIkeFragmentationSupported = isIkeFragmentationSupported; + } + + /** Package private */ + InetAddress getServerAddress() { + return mServerAddress; + } + /** Package private */ + UdpEncapsulationSocket getUdpEncapsulationSocket() { + return mUdpEncapSocket; + } + /** Package private */ + SaProposal[] getSaProposals() { + return mSaProposals; + } + /** Package private */ + boolean isIkeFragmentationSupported() { + return mIsIkeFragmentationSupported; + } + + /** This class can be used to incrementally construct a IkeSessionOptions. */ + public static final class Builder { + private final InetAddress mServerAddress; + private final UdpEncapsulationSocket mUdpEncapSocket; + private final List<SaProposal> mSaProposalList = new LinkedList<>(); + + private boolean mIsIkeFragmentationSupported = false; + + /** + * Returns a new Builder for an IkeSessionOptions. + * + * @param serverAddress IP address of remote IKE server. + * @param udpEncapsulationSocket {@link IpSecManager.UdpEncapsulationSocket} for sending and + * receiving IKE message. + * @return Builder for an IkeSessionOptions. + */ + public Builder(InetAddress serverAddress, UdpEncapsulationSocket udpEncapsulationSocket) { + mServerAddress = serverAddress; + mUdpEncapSocket = udpEncapsulationSocket; + } + + /** + * Adds an IKE SA proposal to IkeSessionOptions being built. + * + * @param proposal IKE SA proposal. + * @return Builder for an IkeSessionOptions. + * @throws IllegalArgumentException if input proposal is not IKE SA proposal. + */ + public Builder addSaProposal(SaProposal proposal) { + if (proposal.getProtocolId() != IkePayload.PROTOCOL_ID_IKE) { + throw new IllegalArgumentException( + "Expected IKE SA Proposal but received Child SA proposal"); + } + mSaProposalList.add(proposal); + return this; + } + + /** + * Validates, builds and returns the IkeSessionOptions + * + * @return IkeSessionOptions the validated IkeSessionOptions + * @throws IllegalStateException if no IKE SA proposal is provided + */ + public IkeSessionOptions build() { + if (mSaProposalList.isEmpty()) { + throw new IllegalArgumentException("IKE SA proposal not found"); + } + return new IkeSessionOptions( + mServerAddress, + mUdpEncapSocket, + mSaProposalList.toArray(new SaProposal[mSaProposalList.size()]), + mIsIkeFragmentationSupported); + } + + // TODO: add methods for supporting IKE fragmentation. + } +} |