Diffstat (limited to 'src/java/com/android/internal/net/ipsec/ike/crypto/IkeMacIntegrity.java')
-rw-r--r--src/java/com/android/internal/net/ipsec/ike/crypto/IkeMacIntegrity.java189
1 files changed, 0 insertions, 189 deletions
diff --git a/src/java/com/android/internal/net/ipsec/ike/crypto/IkeMacIntegrity.java b/src/java/com/android/internal/net/ipsec/ike/crypto/IkeMacIntegrity.java
deleted file mode 100644
index 8f2173f6..00000000
--- a/src/java/com/android/internal/net/ipsec/ike/crypto/IkeMacIntegrity.java
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- * Copyright (C) 2019 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.internal.net.ipsec.ike.crypto;
-
-import android.net.IpSecAlgorithm;
-import android.net.ipsec.ike.SaProposal;
-
-import com.android.internal.net.ipsec.ike.message.IkeSaPayload.IntegrityTransform;
-
-import java.security.Provider;
-import java.util.Arrays;
-
-import javax.crypto.Cipher;
-import javax.crypto.Mac;
-
-/**
- * IkeMacIntegrity represents a negotiated integrity algorithm.
- *
- * <p>For integrity algorithms based on encryption algorithm, all operations will be done by a
- * {@link Cipher}. Otherwise, all operations will be done by a {@link Mac}.
- *
- * <p>@see <a href="https://tools.ietf.org/html/rfc7296#section-3.3.2">RFC 7296, Internet Key
- * Exchange Protocol Version 2 (IKEv2)</a>
- */
-public class IkeMacIntegrity extends IkeMac {
- // STOPSHIP: b/130190639 Catch unchecked exceptions, notify users and close the IKE session.
- private final int mChecksumLength;
-
- private IkeMacIntegrity(
- @SaProposal.IntegrityAlgorithm int algorithmId,
- int keyLength,
- String algorithmName,
- boolean isEncryptAlgo,
- Provider provider,
- int checksumLength) {
- super(algorithmId, keyLength, algorithmName, isEncryptAlgo, provider);
- mChecksumLength = checksumLength;
- }
-
- /**
- * Construct an instance of IkeMacIntegrity.
- *
- * @param integrityTransform the valid negotiated IntegrityTransform.
- * @param provider the security provider.
- * @return an instance of IkeMacIntegrity.
- */
- public static IkeMacIntegrity create(IntegrityTransform integrityTransform, Provider provider) {
- int algorithmId = integrityTransform.id;
-
- int keyLength = 0;
- String algorithmName = "";
- boolean isEncryptAlgo = false;
- int checksumLength = 0;
-
- switch (algorithmId) {
- case SaProposal.INTEGRITY_ALGORITHM_NONE:
- throw new IllegalArgumentException("Integrity algorithm is not found.");
- case SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA1_96:
- keyLength = 20;
- algorithmName = "HmacSHA1";
- checksumLength = 12;
- break;
- case SaProposal.INTEGRITY_ALGORITHM_AES_XCBC_96:
- keyLength = 16;
- isEncryptAlgo = true;
- checksumLength = 12;
-
- // TODO:Set mAlgorithmName
- throw new UnsupportedOperationException(
- "Do not support INTEGRITY_ALGORITHM_AES_XCBC_96.");
- case SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA2_256_128:
- keyLength = 32;
- algorithmName = "HmacSHA256";
- checksumLength = 16;
- break;
- case SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA2_384_192:
- keyLength = 48;
- algorithmName = "HmacSHA384";
- checksumLength = 24;
- break;
- case SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA2_512_256:
- keyLength = 64;
- algorithmName = "HmacSHA512";
- checksumLength = 32;
- break;
- default:
- throw new IllegalArgumentException(
- "Unrecognized Integrity Algorithm ID: " + algorithmId);
- }
-
- return new IkeMacIntegrity(
- algorithmId, keyLength, algorithmName, isEncryptAlgo, provider, checksumLength);
- }
-
- /**
- * Gets integrity checksum length (in bytes).
- *
- * <p>IKE defines a fixed truncation length for each integirty algorithm as its checksum length.
- *
- * @return the integrity checksum length (in bytes).
- */
- public int getChecksumLen() {
- return mChecksumLength;
- }
-
- /**
- * Signs the bytes to generate an integrity checksum.
- *
- * @param keyBytes the negotiated integrity key.
- * @param dataToAuthenticate the data to authenticate.
- * @return the integrity checksum.
- */
- public byte[] generateChecksum(byte[] keyBytes, byte[] dataToAuthenticate) {
- if (getKeyLength() != keyBytes.length) {
- throw new IllegalArgumentException(
- "Expected key length: "
- + getKeyLength()
- + " Received key length: "
- + keyBytes.length);
- }
-
- byte[] signedBytes = signBytes(keyBytes, dataToAuthenticate);
- return Arrays.copyOfRange(signedBytes, 0, mChecksumLength);
- }
-
- /**
- * Build IpSecAlgorithm from this IkeMacIntegrity.
- *
- * <p>Build IpSecAlgorithm that represents the same integrity algorithm with this
- * IkeMacIntegrity instance with provided integrity key.
- *
- * @param key the integrity key in byte array.
- * @return the IpSecAlgorithm.
- */
- public IpSecAlgorithm buildIpSecAlgorithmWithKey(byte[] key) {
- if (key.length != getKeyLength()) {
- throw new IllegalArgumentException(
- "Expected key with length of : "
- + getKeyLength()
- + " Received key with length of : "
- + key.length);
- }
-
- switch (getAlgorithmId()) {
- case SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA1_96:
- return new IpSecAlgorithm(IpSecAlgorithm.AUTH_HMAC_SHA1, key, mChecksumLength * 8);
- case SaProposal.INTEGRITY_ALGORITHM_AES_XCBC_96:
- // TODO:Consider supporting AES128_XCBC in IpSecTransform.
- throw new IllegalArgumentException(
- "Do not support IpSecAlgorithm with AES128_XCBC.");
- case SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA2_256_128:
- return new IpSecAlgorithm(
- IpSecAlgorithm.AUTH_HMAC_SHA256, key, mChecksumLength * 8);
- case SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA2_384_192:
- return new IpSecAlgorithm(
- IpSecAlgorithm.AUTH_HMAC_SHA384, key, mChecksumLength * 8);
- case SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA2_512_256:
- return new IpSecAlgorithm(
- IpSecAlgorithm.AUTH_HMAC_SHA512, key, mChecksumLength * 8);
- default:
- throw new IllegalArgumentException(
- "Unrecognized Integrity Algorithm ID: " + getAlgorithmId());
- }
- }
-
- /**
- * Returns algorithm type as a String.
- *
- * @return the algorithm type as a String.
- */
- @Override
- public String getTypeString() {
- return "Integrity Algorithm.";
- }
-}