LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Support new IpSecAlgorithm AUTH_AES_CMAC"

Browse Source
This commit is contained in:
Yan Yan
2021-03-02 18:24:27 +00:00
committed by Gerrit Code Review
parent eb6ee0b29f 60fe5aa059
commit b101cb51c2
1 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
core/java/android/net/IpSecAlgorithm.java
View File

@@ -145,6 +145,25 @@ public final class IpSecAlgorithm implements Parcelable {
// to be available on devices first shipped with Android 12 or later. // to be available on devices first shipped with Android 12 or later.
public static final String AUTH_AES_XCBC = "xcbc(aes)"; public static final String AUTH_AES_XCBC = "xcbc(aes)";
/**
* AES-CMAC Authentication/Integrity Algorithm.
*
* <p>Keys for this algorithm must be 128 bits in length.
*
* <p>The only valid truncation length is 96 bits.
*
* <p>This algorithm may be available on the device. Caller MUST check if it is supported before
* using it by calling {@link #getSupportedAlgorithms()} and checking if this algorithm is
* included in the returned algorithm set. The returned algorithm set will not change unless the
* device is rebooted. {@link IllegalArgumentException} will be thrown if this algorithm is
* requested on an unsupported device.
*
* <p>@see {@link #getSupportedAlgorithms()}
*/
// This algorithm may be available on devices released before Android 12, and is guaranteed
// to be available on devices first shipped with Android 12 or later.
public static final String AUTH_AES_CMAC = "cmac(aes)";
/** /**
* AES-GCM Authentication/Integrity + Encryption/Ciphering Algorithm. * AES-GCM Authentication/Integrity + Encryption/Ciphering Algorithm.
* *
@@ -191,6 +210,7 @@ public final class IpSecAlgorithm implements Parcelable {
AUTH_HMAC_SHA384, AUTH_HMAC_SHA384,
AUTH_HMAC_SHA512, AUTH_HMAC_SHA512,
AUTH_AES_XCBC, AUTH_AES_XCBC,
AUTH_AES_CMAC,
AUTH_CRYPT_AES_GCM, AUTH_CRYPT_AES_GCM,
AUTH_CRYPT_CHACHA20_POLY1305 AUTH_CRYPT_CHACHA20_POLY1305
}) })
@@ -215,6 +235,7 @@ public final class IpSecAlgorithm implements Parcelable {
// STOPSHIP: b/170424293 Use Build.VERSION_CODES.S when it is defined // STOPSHIP: b/170424293 Use Build.VERSION_CODES.S when it is defined
ALGO_TO_REQUIRED_FIRST_SDK.put(CRYPT_AES_CTR, Build.VERSION_CODES.R + 1); ALGO_TO_REQUIRED_FIRST_SDK.put(CRYPT_AES_CTR, Build.VERSION_CODES.R + 1);
ALGO_TO_REQUIRED_FIRST_SDK.put(AUTH_AES_XCBC, Build.VERSION_CODES.R + 1); ALGO_TO_REQUIRED_FIRST_SDK.put(AUTH_AES_XCBC, Build.VERSION_CODES.R + 1);
ALGO_TO_REQUIRED_FIRST_SDK.put(AUTH_AES_CMAC, Build.VERSION_CODES.R + 1);
ALGO_TO_REQUIRED_FIRST_SDK.put(AUTH_CRYPT_CHACHA20_POLY1305, Build.VERSION_CODES.R + 1); ALGO_TO_REQUIRED_FIRST_SDK.put(AUTH_CRYPT_CHACHA20_POLY1305, Build.VERSION_CODES.R + 1);
} }
@@ -383,6 +404,10 @@ public final class IpSecAlgorithm implements Parcelable {
isValidLen = keyLen == 128; isValidLen = keyLen == 128;
isValidTruncLen = truncLen == 96; isValidTruncLen = truncLen == 96;
break; break;
case AUTH_AES_CMAC:
isValidLen = keyLen == 128;
isValidTruncLen = truncLen == 96;
break;
case AUTH_CRYPT_AES_GCM: case AUTH_CRYPT_AES_GCM:
// The keying material for GCM is a key plus a 32-bit salt // The keying material for GCM is a key plus a 32-bit salt
isValidLen = keyLen == 128 + 32 || keyLen == 192 + 32 || keyLen == 256 + 32; isValidLen = keyLen == 128 + 32 || keyLen == 192 + 32 || keyLen == 256 + 32;
@@ -416,6 +441,7 @@ public final class IpSecAlgorithm implements Parcelable {
case AUTH_HMAC_SHA384: case AUTH_HMAC_SHA384:
case AUTH_HMAC_SHA512: case AUTH_HMAC_SHA512:
case AUTH_AES_XCBC: case AUTH_AES_XCBC:
case AUTH_AES_CMAC:
return true; return true;
default: default:
return false; return false;