diff --git a/core/java/android/net/IpSecAlgorithm.java b/core/java/android/net/IpSecAlgorithm.java index c69a4d4c0b..d9ac981959 100644 --- a/core/java/android/net/IpSecAlgorithm.java +++ b/core/java/android/net/IpSecAlgorithm.java @@ -122,7 +122,7 @@ public final class IpSecAlgorithm implements Parcelable { * @param algorithm name of the algorithm. * @param key key padded to a multiple of 8 bits. */ - public IpSecAlgorithm(@AlgorithmName String algorithm, @NonNull byte[] key) { + public IpSecAlgorithm(@NonNull @AlgorithmName String algorithm, @NonNull byte[] key) { this(algorithm, key, key.length * 8); } @@ -137,7 +137,8 @@ public final class IpSecAlgorithm implements Parcelable { * @param key key padded to a multiple of 8 bits. * @param truncLenBits number of bits of output hash to use. */ - public IpSecAlgorithm(@AlgorithmName String algorithm, @NonNull byte[] key, int truncLenBits) { + public IpSecAlgorithm( + @NonNull @AlgorithmName String algorithm, @NonNull byte[] key, int truncLenBits) { mName = algorithm; mKey = key.clone(); mTruncLenBits = truncLenBits; @@ -145,11 +146,13 @@ public final class IpSecAlgorithm implements Parcelable { } /** Get the algorithm name */ + @NonNull public String getName() { return mName; } /** Get the key for this algorithm */ + @NonNull public byte[] getKey() { return mKey.clone(); } @@ -263,6 +266,7 @@ public final class IpSecAlgorithm implements Parcelable { } @Override + @NonNull public String toString() { return new StringBuilder() .append("{mName=") diff --git a/core/java/android/net/IpSecManager.java b/core/java/android/net/IpSecManager.java index cb4299ef69..4157845d61 100644 --- a/core/java/android/net/IpSecManager.java +++ b/core/java/android/net/IpSecManager.java @@ -253,8 +253,9 @@ public final class IpSecManager { * @throws {@link #ResourceUnavailableException} indicating that too many SPIs are * currently allocated for this user */ - public SecurityParameterIndex allocateSecurityParameterIndex(InetAddress destinationAddress) - throws ResourceUnavailableException { + @NonNull + public SecurityParameterIndex allocateSecurityParameterIndex( + @NonNull InetAddress destinationAddress) throws ResourceUnavailableException { try { return new SecurityParameterIndex( mService, @@ -280,8 +281,9 @@ public final class IpSecManager { * @throws {@link #SpiUnavailableException} indicating that the requested SPI could not be * reserved */ + @NonNull public SecurityParameterIndex allocateSecurityParameterIndex( - InetAddress destinationAddress, int requestedSpi) + @NonNull InetAddress destinationAddress, int requestedSpi) throws SpiUnavailableException, ResourceUnavailableException { if (requestedSpi == IpSecManager.INVALID_SECURITY_PARAMETER_INDEX) { throw new IllegalArgumentException("Requested SPI must be a valid (non-zero) SPI"); @@ -318,9 +320,8 @@ public final class IpSecManager { * @param transform a transport mode {@code IpSecTransform} * @throws IOException indicating that the transform could not be applied */ - public void applyTransportModeTransform( - Socket socket, @PolicyDirection int direction, IpSecTransform transform) - throws IOException { + public void applyTransportModeTransform(@NonNull Socket socket, + @PolicyDirection int direction, @NonNull IpSecTransform transform) throws IOException { applyTransportModeTransform(socket.getFileDescriptor$(), direction, transform); } @@ -353,9 +354,8 @@ public final class IpSecManager { * @param transform a transport mode {@code IpSecTransform} * @throws IOException indicating that the transform could not be applied */ - public void applyTransportModeTransform( - DatagramSocket socket, @PolicyDirection int direction, IpSecTransform transform) - throws IOException { + public void applyTransportModeTransform(@NonNull DatagramSocket socket, + @PolicyDirection int direction, @NonNull IpSecTransform transform) throws IOException { applyTransportModeTransform(socket.getFileDescriptor$(), direction, transform); } @@ -388,9 +388,8 @@ public final class IpSecManager { * @param transform a transport mode {@code IpSecTransform} * @throws IOException indicating that the transform could not be applied */ - public void applyTransportModeTransform( - FileDescriptor socket, @PolicyDirection int direction, IpSecTransform transform) - throws IOException { + public void applyTransportModeTransform(@NonNull FileDescriptor socket, + @PolicyDirection int direction, @NonNull IpSecTransform transform) throws IOException { // We dup() the FileDescriptor here because if we don't, then the ParcelFileDescriptor() // constructor takes control and closes the user's FD when we exit the method. try (ParcelFileDescriptor pfd = ParcelFileDescriptor.dup(socket)) { @@ -413,8 +412,7 @@ public final class IpSecManager { * @param socket a socket that previously had a transform applied to it * @throws IOException indicating that the transform could not be removed from the socket */ - public void removeTransportModeTransforms(Socket socket) - throws IOException { + public void removeTransportModeTransforms(@NonNull Socket socket) throws IOException { removeTransportModeTransforms(socket.getFileDescriptor$()); } @@ -431,8 +429,7 @@ public final class IpSecManager { * @param socket a socket that previously had a transform applied to it * @throws IOException indicating that the transform could not be removed from the socket */ - public void removeTransportModeTransforms(DatagramSocket socket) - throws IOException { + public void removeTransportModeTransforms(@NonNull DatagramSocket socket) throws IOException { removeTransportModeTransforms(socket.getFileDescriptor$()); } @@ -449,8 +446,7 @@ public final class IpSecManager { * @param socket a socket that previously had a transform applied to it * @throws IOException indicating that the transform could not be removed from the socket */ - public void removeTransportModeTransforms(FileDescriptor socket) - throws IOException { + public void removeTransportModeTransforms(@NonNull FileDescriptor socket) throws IOException { try (ParcelFileDescriptor pfd = ParcelFileDescriptor.dup(socket)) { mService.removeTransportModeTransforms(pfd); } catch (RemoteException e) { @@ -588,6 +584,7 @@ public final class IpSecManager { // safely usable for Encapsulation without allowing a user to possibly unbind from/close // the port, which could potentially impact the traffic of the next user who binds to that // socket. + @NonNull public UdpEncapsulationSocket openUdpEncapsulationSocket(int port) throws IOException, ResourceUnavailableException { /* @@ -617,6 +614,7 @@ public final class IpSecManager { // safely usable for Encapsulation without allowing a user to possibly unbind from/close // the port, which could potentially impact the traffic of the next user who binds to that // socket. + @NonNull public UdpEncapsulationSocket openUdpEncapsulationSocket() throws IOException, ResourceUnavailableException { return new UdpEncapsulationSocket(mService, 0); @@ -645,6 +643,7 @@ public final class IpSecManager { private int mResourceId = INVALID_RESOURCE_ID; /** Get the underlying SPI held by this object. */ + @NonNull public String getInterfaceName() { return mInterfaceName; } @@ -659,7 +658,7 @@ public final class IpSecManager { * @hide */ @SystemApi - public void addAddress(LinkAddress address) throws IOException { + public void addAddress(@NonNull LinkAddress address) throws IOException { try { mService.addAddressToTunnelInterface(mResourceId, address); } catch (RemoteException e) { @@ -676,7 +675,7 @@ public final class IpSecManager { * @hide */ @SystemApi - public void removeAddress(LinkAddress address) throws IOException { + public void removeAddress(@NonNull LinkAddress address) throws IOException { try { mService.removeAddressFromTunnelInterface(mResourceId, address); } catch (RemoteException e) { @@ -768,6 +767,7 @@ public final class IpSecManager { * @hide */ @SystemApi + @NonNull @RequiresPermission(android.Manifest.permission.NETWORK_STACK) public IpSecTunnelInterface createIpSecTunnelInterface(@NonNull InetAddress localAddress, @NonNull InetAddress remoteAddress, @NonNull Network underlyingNetwork) @@ -794,8 +794,8 @@ public final class IpSecManager { */ @SystemApi @RequiresPermission(android.Manifest.permission.NETWORK_STACK) - public void applyTunnelModeTransform(IpSecTunnelInterface tunnel, - @PolicyDirection int direction, IpSecTransform transform) throws IOException { + public void applyTunnelModeTransform(@NonNull IpSecTunnelInterface tunnel, + @PolicyDirection int direction, @NonNull IpSecTransform transform) throws IOException { try { mService.applyTunnelModeTransform( tunnel.getResourceId(), direction, transform.getResourceId()); diff --git a/core/java/android/net/IpSecTransform.java b/core/java/android/net/IpSecTransform.java index 60e96f9434..cf58647bbb 100644 --- a/core/java/android/net/IpSecTransform.java +++ b/core/java/android/net/IpSecTransform.java @@ -350,6 +350,7 @@ public final class IpSecTransform implements AutoCloseable { * * @param algo {@link IpSecAlgorithm} specifying the encryption to be applied. */ + @NonNull public IpSecTransform.Builder setEncryption(@NonNull IpSecAlgorithm algo) { // TODO: throw IllegalArgumentException if algo is not an encryption algorithm. Preconditions.checkNotNull(algo); @@ -364,6 +365,7 @@ public final class IpSecTransform implements AutoCloseable { * * @param algo {@link IpSecAlgorithm} specifying the authentication to be applied. */ + @NonNull public IpSecTransform.Builder setAuthentication(@NonNull IpSecAlgorithm algo) { // TODO: throw IllegalArgumentException if algo is not an authentication algorithm. Preconditions.checkNotNull(algo); @@ -384,6 +386,7 @@ public final class IpSecTransform implements AutoCloseable { * @param algo {@link IpSecAlgorithm} specifying the authenticated encryption algorithm to * be applied. */ + @NonNull public IpSecTransform.Builder setAuthenticatedEncryption(@NonNull IpSecAlgorithm algo) { Preconditions.checkNotNull(algo); mConfig.setAuthenticatedEncryption(algo); @@ -403,6 +406,7 @@ public final class IpSecTransform implements AutoCloseable { * @param remotePort the UDP port number of the remote host that will send and receive * encapsulated traffic. In the case of IKEv2, this should be port 4500. */ + @NonNull public IpSecTransform.Builder setIpv4Encapsulation( @NonNull IpSecManager.UdpEncapsulationSocket localSocket, int remotePort) { Preconditions.checkNotNull(localSocket); @@ -436,6 +440,7 @@ public final class IpSecTransform implements AutoCloseable { * collides with an existing transform * @throws IOException indicating other errors */ + @NonNull public IpSecTransform buildTransportModeTransform( @NonNull InetAddress sourceAddress, @NonNull IpSecManager.SecurityParameterIndex spi) @@ -472,6 +477,7 @@ public final class IpSecTransform implements AutoCloseable { * @hide */ @SystemApi + @NonNull @RequiresPermission(android.Manifest.permission.NETWORK_STACK) public IpSecTransform buildTunnelModeTransform( @NonNull InetAddress sourceAddress,