| author | 2021-04-22 08:39:20 +0000 | |
|---|---|---|
| committer | 2021-04-22 08:39:20 +0000 | |
| commit | bc545c8a8a26d749fc0ed0f5f2e521517147c28a (patch) | |
| tree | e763b3ea998fe6e97db0ee8bc3e835a52100ad86 | |
| parent | 2984d87873692e3b2ae286afc4aaa9bd428d6c20 (diff) | |
| parent | 4eaa894d849f2a14e04e14fb47cff38cb7015c1a (diff) | |
Merge changes from topics "encrypted-tunnel-interface", "iketunnelparams", "vcn-encrypted-tunnel"
* changes:
Replace VcnControlPlaneConfig with TunnelConnectionParams
Convert TunnelConnectionParams to/from PersistableBundle
Create TunnelConnectionParams interface
13 files changed, 263 insertions, 442 deletions
diff --git a/core/api/current.txt b/core/api/current.txt index 5bc749f2356c..4968a5f0b174 100644 --- a/core/api/current.txt +++ b/core/api/current.txt @@ -25138,6 +25138,9 @@ package android.net { field public static final int UNSUPPORTED = -1; // 0xffffffff } + public interface TunnelConnectionParams { + } + public abstract class Uri implements java.lang.Comparable<android.net.Uri> android.os.Parcelable { method public abstract android.net.Uri.Builder buildUpon(); method public int compareTo(android.net.Uri); @@ -25698,15 +25701,6 @@ package android.net.vcn { method @NonNull public android.net.vcn.VcnConfig build(); } - public abstract class VcnControlPlaneConfig { - } - - public final class VcnControlPlaneIkeConfig extends android.net.vcn.VcnControlPlaneConfig { - ctor public VcnControlPlaneIkeConfig(@NonNull android.net.ipsec.ike.IkeSessionParams, @NonNull android.net.ipsec.ike.TunnelModeChildSessionParams); - method @NonNull public android.net.ipsec.ike.TunnelModeChildSessionParams getChildSessionParams(); - method @NonNull public android.net.ipsec.ike.IkeSessionParams getIkeSessionParams(); - } - public final class VcnGatewayConnectionConfig { method @NonNull public int[] getExposedCapabilities(); method @NonNull public String getGatewayConnectionName(); @@ -25715,7 +25709,7 @@ package android.net.vcn { } public static final class VcnGatewayConnectionConfig.Builder { - ctor public VcnGatewayConnectionConfig.Builder(@NonNull String, @NonNull android.net.vcn.VcnControlPlaneConfig); + ctor public VcnGatewayConnectionConfig.Builder(@NonNull String, @NonNull android.net.TunnelConnectionParams); method @NonNull public android.net.vcn.VcnGatewayConnectionConfig.Builder addExposedCapability(int); method @NonNull public android.net.vcn.VcnGatewayConnectionConfig build(); method @NonNull public android.net.vcn.VcnGatewayConnectionConfig.Builder removeExposedCapability(int); 
diff --git a/core/java/android/net/TunnelConnectionParams.java b/core/java/android/net/TunnelConnectionParams.java new file mode 100644 index 000000000000..f5b35395b0bf --- /dev/null +++ b/core/java/android/net/TunnelConnectionParams.java @@ -0,0 +1,29 @@ +/* + * Copyright (C) 2021 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.net; + +/** + * TunnelConnectionParams represents a configuration to set up a tunnel connection. + * + * <p>Concrete implementations for a control plane protocol should implement this interface. + * Subclasses should be immutable data classes containing connection, authentication and + * authorization parameters required to establish a tunnel connection. + * + * @see android.net.ipsec.ike.IkeTunnelConnectionParams + */ +// TODO:b/186071626 Remove TunnelConnectionParams when non-updatable API stub can resolve +// IkeTunnelConnectionParams +public interface TunnelConnectionParams {} diff --git a/core/java/android/net/vcn/VcnControlPlaneConfig.java b/core/java/android/net/vcn/VcnControlPlaneConfig.java deleted file mode 100644 index 92f6c4440377..000000000000 --- a/core/java/android/net/vcn/VcnControlPlaneConfig.java +++ /dev/null 
@@ -1,112 +0,0 @@ -/* - * Copyright (C) 2021 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package android.net.vcn; - -import android.annotation.IntDef; -import android.annotation.NonNull; -import android.os.PersistableBundle; - -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.util.Objects; - -/** - * This class represents a control plane configuration for a Virtual Carrier Network connection. - * - * <p>Each {@link VcnGatewayConnectionConfig} must have a {@link VcnControlPlaneConfig}, containing - * all connection, authentication and authorization parameters required to establish a Gateway - * Connection with a remote endpoint. - * - * <p>A {@link VcnControlPlaneConfig} object can be shared by multiple {@link - * VcnGatewayConnectionConfig}(s) if they will used for connecting with the same remote endpoint. - * - * @see VcnManager - * @see VcnGatewayConnectionConfig - */ -public abstract class VcnControlPlaneConfig { - /** @hide */ - @Retention(RetentionPolicy.SOURCE) - @IntDef({CONFIG_TYPE_IKE}) - public @interface ConfigType {} - - /** @hide */ - public static final int CONFIG_TYPE_IKE = 1; - - private static final String CONFIG_TYPE_KEY = "mConfigType"; - @ConfigType private final int mConfigType; - - /** - * Package private constructor. 
- * - * @hide - */ - VcnControlPlaneConfig(int configType) { - mConfigType = configType; - } - - /** - * Constructs a VcnControlPlaneConfig object by deserializing a PersistableBundle. - * - * @param in the {@link PersistableBundle} containing an {@link VcnControlPlaneConfig} object - * @hide - */ - public static VcnControlPlaneConfig fromPersistableBundle(@NonNull PersistableBundle in) { - Objects.requireNonNull(in, "PersistableBundle was null"); - - int configType = in.getInt(CONFIG_TYPE_KEY); - switch (configType) { - case CONFIG_TYPE_IKE: - return new VcnControlPlaneIkeConfig(in); - default: - throw new IllegalStateException("Unrecognized configType: " + configType); - } - } - - /** - * Converts this VcnControlPlaneConfig to a PersistableBundle. - * - * @hide - */ - @NonNull - public PersistableBundle toPersistableBundle() { - final PersistableBundle result = new PersistableBundle(); - result.putInt(CONFIG_TYPE_KEY, mConfigType); - return result; - } - - /** @hide */ - @Override - public int hashCode() { - return Objects.hash(mConfigType); - } - - /** @hide */ - @Override - public boolean equals(Object o) { - if (!(o instanceof VcnControlPlaneConfig)) { - return false; - } - - return mConfigType == ((VcnControlPlaneConfig) o).mConfigType; - } - - /** - * Returns a deep copy of this object. - * - * @hide - */ - public abstract VcnControlPlaneConfig copy(); -} diff --git a/core/java/android/net/vcn/VcnControlPlaneIkeConfig.java b/core/java/android/net/vcn/VcnControlPlaneIkeConfig.java deleted file mode 100644 index 22d7faf2fe18..000000000000 --- a/core/java/android/net/vcn/VcnControlPlaneIkeConfig.java +++ /dev/null 
@@ -1,158 +0,0 @@ -/* - * Copyright (C) 2021 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package android.net.vcn; - -import static android.net.vcn.VcnControlPlaneConfig.CONFIG_TYPE_IKE; - -import android.annotation.NonNull; -import android.net.ipsec.ike.IkeSessionParams; -import android.net.ipsec.ike.TunnelModeChildSessionParams; -import android.net.vcn.persistablebundleutils.IkeSessionParamsUtils; -import android.net.vcn.persistablebundleutils.TunnelModeChildSessionParamsUtils; -import android.os.PersistableBundle; -import android.util.ArraySet; -import android.util.Log; - -import java.util.Objects; - -/** - * This class is an IKEv2 control plane configuration for a Virtual Carrier Network connection. - * - * <p>This class is an extension of the {@link VcnControlPlaneConfig}, containing IKEv2-specific - * configuration, authentication and authorization parameters. 
- * - * @see VcnControlPlaneConfig - */ -public final class VcnControlPlaneIkeConfig extends VcnControlPlaneConfig { - private static final String TAG = VcnControlPlaneIkeConfig.class.getSimpleName(); - - private static final String IKE_PARAMS_KEY = "mIkeParams"; - @NonNull private final IkeSessionParams mIkeParams; - - private static final String CHILD_PARAMS_KEY = "mChildParams"; - @NonNull private final TunnelModeChildSessionParams mChildParams; - - private static final ArraySet<String> BUNDLE_KEY_SET = new ArraySet<>(); - - { - BUNDLE_KEY_SET.add(IKE_PARAMS_KEY); - BUNDLE_KEY_SET.add(CHILD_PARAMS_KEY); - } - - /** - * Constructs a VcnControlPlaneIkeConfig object. - * - * @param ikeParams the IKE Session negotiation parameters - * @param childParams the tunnel mode Child Session negotiation parameters - */ - public VcnControlPlaneIkeConfig( - @NonNull IkeSessionParams ikeParams, - @NonNull TunnelModeChildSessionParams childParams) { - super(CONFIG_TYPE_IKE); - mIkeParams = ikeParams; - mChildParams = childParams; - validate(); - } - - /** - * Constructs a VcnControlPlaneIkeConfig object by deserializing a PersistableBundle. 
- * - * @param in the {@link PersistableBundle} containing an {@link VcnControlPlaneIkeConfig} object - * @hide - */ - public VcnControlPlaneIkeConfig(@NonNull PersistableBundle in) { - super(CONFIG_TYPE_IKE); - final PersistableBundle ikeParamsBundle = in.getPersistableBundle(IKE_PARAMS_KEY); - final PersistableBundle childParamsBundle = in.getPersistableBundle(CHILD_PARAMS_KEY); - - Objects.requireNonNull(ikeParamsBundle, "IKE Session Params was null"); - Objects.requireNonNull(childParamsBundle, "Child Session Params was null"); - - mIkeParams = IkeSessionParamsUtils.fromPersistableBundle(ikeParamsBundle); - mChildParams = TunnelModeChildSessionParamsUtils.fromPersistableBundle(childParamsBundle); - - for (String key : in.keySet()) { - if (!BUNDLE_KEY_SET.contains(key)) { - Log.w(TAG, "Found an unexpected key in the PersistableBundle: " + key); - } - } - - validate(); - } - - private void validate() { - Objects.requireNonNull(mIkeParams, "mIkeParams was null"); - Objects.requireNonNull(mChildParams, "mChildParams was null"); - } - - /** - * Converts this VcnControlPlaneConfig to a PersistableBundle. - * - * @hide - */ - @Override - @NonNull - public PersistableBundle toPersistableBundle() { - final PersistableBundle result = super.toPersistableBundle(); - result.putPersistableBundle( - IKE_PARAMS_KEY, IkeSessionParamsUtils.toPersistableBundle(mIkeParams)); - result.putPersistableBundle( - CHILD_PARAMS_KEY, - TunnelModeChildSessionParamsUtils.toPersistableBundle(mChildParams)); - return result; - } - - /** Retrieves the IKE Session configuration. */ - @NonNull - public IkeSessionParams getIkeSessionParams() { - return mIkeParams; - } - - /** Retrieves the tunnel mode Child Session configuration. 
*/ - @NonNull - public TunnelModeChildSessionParams getChildSessionParams() { - return mChildParams; - } - - /** @hide */ - @Override - public int hashCode() { - return Objects.hash(super.hashCode(), mIkeParams, mChildParams); - } - - /** @hide */ - @Override - public boolean equals(Object o) { - if (!(o instanceof VcnControlPlaneIkeConfig)) { - return false; - } - - VcnControlPlaneIkeConfig other = (VcnControlPlaneIkeConfig) o; - - return super.equals(o) - && Objects.equals(mIkeParams, other.mIkeParams) - && Objects.equals(mChildParams, other.mChildParams); - } - - /** @hide */ - @Override - public VcnControlPlaneConfig copy() { - return new VcnControlPlaneIkeConfig( - new IkeSessionParams.Builder(mIkeParams).build(), - new TunnelModeChildSessionParams.Builder(mChildParams).build()); - } -} diff --git a/core/java/android/net/vcn/VcnGatewayConnectionConfig.java b/core/java/android/net/vcn/VcnGatewayConnectionConfig.java index 649e75e61268..adcbe2542ab6 100644 --- a/core/java/android/net/vcn/VcnGatewayConnectionConfig.java +++ b/core/java/android/net/vcn/VcnGatewayConnectionConfig.java @@ -24,6 +24,8 @@ import android.annotation.Nullable; import android.annotation.SuppressLint; import android.net.Network; import android.net.NetworkCapabilities; +import android.net.TunnelConnectionParams; +import android.net.vcn.persistablebundleutils.TunnelConnectionParamsUtils; import android.os.PersistableBundle; import android.util.ArraySet; 
@@ -151,8 +153,8 @@ public final class VcnGatewayConnectionConfig { private static final String GATEWAY_CONNECTION_NAME_KEY = "mGatewayConnectionName"; @NonNull private final String mGatewayConnectionName; - private static final String CTRL_PLANE_CONFIG_KEY = "mCtrlPlaneConfig"; - @NonNull private VcnControlPlaneConfig mCtrlPlaneConfig; + private static final String TUNNEL_CONNECTION_PARAMS_KEY = "mTunnelConnectionParams"; + @NonNull private TunnelConnectionParams mTunnelConnectionParams; private static final String EXPOSED_CAPABILITIES_KEY = "mExposedCapabilities"; @NonNull private final SortedSet<Integer> mExposedCapabilities; @@ -169,13 +171,13 @@ public final class VcnGatewayConnectionConfig { /** Builds a VcnGatewayConnectionConfig with the specified parameters. */ private VcnGatewayConnectionConfig( @NonNull String gatewayConnectionName, - @NonNull VcnControlPlaneConfig ctrlPlaneConfig, + @NonNull TunnelConnectionParams tunnelConnectionParams, @NonNull Set<Integer> exposedCapabilities, @NonNull Set<Integer> underlyingCapabilities, @NonNull long[] retryIntervalsMs, @IntRange(from = MIN_MTU_V6) int maxMtu) { mGatewayConnectionName = gatewayConnectionName; - mCtrlPlaneConfig = ctrlPlaneConfig; + mTunnelConnectionParams = tunnelConnectionParams; mExposedCapabilities = new TreeSet(exposedCapabilities); mUnderlyingCapabilities = new TreeSet(underlyingCapabilities); mRetryIntervalsMs = retryIntervalsMs; 
@@ -187,9 +189,10 @@ public final class VcnGatewayConnectionConfig { /** @hide */ @VisibleForTesting(visibility = Visibility.PRIVATE) public VcnGatewayConnectionConfig(@NonNull PersistableBundle in) { - final PersistableBundle ctrlPlaneConfigBundle = - in.getPersistableBundle(CTRL_PLANE_CONFIG_KEY); - Objects.requireNonNull(ctrlPlaneConfigBundle, "ctrlPlaneConfigBundle was null"); + final PersistableBundle tunnelConnectionParamsBundle = + in.getPersistableBundle(TUNNEL_CONNECTION_PARAMS_KEY); + Objects.requireNonNull( + tunnelConnectionParamsBundle, "tunnelConnectionParamsBundle was null"); final PersistableBundle exposedCapsBundle = in.getPersistableBundle(EXPOSED_CAPABILITIES_KEY); @@ -197,7 +200,8 @@ public final class VcnGatewayConnectionConfig { in.getPersistableBundle(UNDERLYING_CAPABILITIES_KEY); mGatewayConnectionName = in.getString(GATEWAY_CONNECTION_NAME_KEY); - mCtrlPlaneConfig = VcnControlPlaneConfig.fromPersistableBundle(ctrlPlaneConfigBundle); + mTunnelConnectionParams = + TunnelConnectionParamsUtils.fromPersistableBundle(tunnelConnectionParamsBundle); mExposedCapabilities = new TreeSet<>(PersistableBundleUtils.toList( exposedCapsBundle, PersistableBundleUtils.INTEGER_DESERIALIZER)); mUnderlyingCapabilities = new TreeSet<>(PersistableBundleUtils.toList( @@ -210,7 +214,7 @@ public final class VcnGatewayConnectionConfig { private void validate() { Objects.requireNonNull(mGatewayConnectionName, "gatewayConnectionName was null"); - Objects.requireNonNull(mCtrlPlaneConfig, "control plane config was null"); + Objects.requireNonNull(mTunnelConnectionParams, "tunnel connection parameter was null"); Preconditions.checkArgument( mExposedCapabilities != null && !mExposedCapabilities.isEmpty(), 
@@ -262,13 +266,13 @@ public final class VcnGatewayConnectionConfig { } /** - * Returns control plane configuration. + * Returns tunnel connection parameters. * * @hide */ @NonNull - public VcnControlPlaneConfig getControlPlaneConfig() { - return mCtrlPlaneConfig.copy(); + public TunnelConnectionParams getTunnelConnectionParams() { + return mTunnelConnectionParams; } /** @@ -360,7 +364,8 @@ public final class VcnGatewayConnectionConfig { public PersistableBundle toPersistableBundle() { final PersistableBundle result = new PersistableBundle(); - final PersistableBundle ctrlPlaneConfigBundle = mCtrlPlaneConfig.toPersistableBundle(); + final PersistableBundle tunnelConnectionParamsBundle = + TunnelConnectionParamsUtils.toPersistableBundle(mTunnelConnectionParams); final PersistableBundle exposedCapsBundle = PersistableBundleUtils.fromList( new ArrayList<>(mExposedCapabilities), @@ -371,7 +376,7 @@ public final class VcnGatewayConnectionConfig { PersistableBundleUtils.INTEGER_SERIALIZER); result.putString(GATEWAY_CONNECTION_NAME_KEY, mGatewayConnectionName); - result.putPersistableBundle(CTRL_PLANE_CONFIG_KEY, ctrlPlaneConfigBundle); + result.putPersistableBundle(TUNNEL_CONNECTION_PARAMS_KEY, tunnelConnectionParamsBundle); result.putPersistableBundle(EXPOSED_CAPABILITIES_KEY, exposedCapsBundle); result.putPersistableBundle(UNDERLYING_CAPABILITIES_KEY, underlyingCapsBundle); result.putLongArray(RETRY_INTERVAL_MS_KEY, mRetryIntervalsMs); @@ -409,7 +414,7 @@ public final class VcnGatewayConnectionConfig { */ public static final class Builder { @NonNull private final String mGatewayConnectionName; - @NonNull private final VcnControlPlaneConfig mCtrlPlaneConfig; + @NonNull private final TunnelConnectionParams mTunnelConnectionParams; @NonNull private final Set<Integer> mExposedCapabilities = new ArraySet(); @NonNull private final Set<Integer> mUnderlyingCapabilities = new ArraySet(); @NonNull private long[] mRetryIntervalsMs = DEFAULT_RETRY_INTERVALS_MS; 
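Review bot: `getTunnelConnectionParams()` returns the stored reference where the old `getControlPlaneConfig()` returned `mCtrlPlaneConfig.copy()`, so the immutability of a `VcnGatewayConnectionConfig` now rests entirely on every `TunnelConnectionParams` implementation being immutable. The new interface is public and empty, and its Javadoc only says implementations "should be" immutable, so nothing enforces that. I would record the assumption at the getter, e.g. `// No defensive copy: TunnelConnectionParams implementations must be immutable.`. If the field is assigned only in the two constructors shown in these hunks, it can also be declared `@NonNull private final TunnelConnectionParams mTunnelConnectionParams;`.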
@@ -427,18 +432,18 @@ public final class VcnGatewayConnectionConfig { * VcnConfig} must be given a unique name. This name is used by the caller to * distinguish between VcnGatewayConnectionConfigs configured on a single {@link * VcnConfig}. This will be used as the identifier in VcnStatusCallback invocations. - * @param ctrlPlaneConfig the control plane configuration - * @see VcnControlPlaneConfig + * @param tunnelConnectionParams the tunnel connection configuration + * @see TunnelConnectionParams * @see VcnManager.VcnStatusCallback#onGatewayConnectionError */ public Builder( @NonNull String gatewayConnectionName, - @NonNull VcnControlPlaneConfig ctrlPlaneConfig) { + @NonNull TunnelConnectionParams tunnelConnectionParams) { Objects.requireNonNull(gatewayConnectionName, "gatewayConnectionName was null"); - Objects.requireNonNull(ctrlPlaneConfig, "ctrlPlaneConfig was null"); + Objects.requireNonNull(tunnelConnectionParams, "tunnelConnectionParams was null"); mGatewayConnectionName = gatewayConnectionName; - mCtrlPlaneConfig = ctrlPlaneConfig; + mTunnelConnectionParams = tunnelConnectionParams; } /** @@ -583,7 +588,7 @@ public final class VcnGatewayConnectionConfig { public VcnGatewayConnectionConfig build() { return new VcnGatewayConnectionConfig( mGatewayConnectionName, - mCtrlPlaneConfig, + mTunnelConnectionParams, mExposedCapabilities, mUnderlyingCapabilities, mRetryIntervalsMs, diff --git a/core/java/android/net/vcn/persistablebundleutils/TunnelConnectionParamsUtils.java b/core/java/android/net/vcn/persistablebundleutils/TunnelConnectionParamsUtils.java new file mode 100644 index 000000000000..690e4e76ea5f --- /dev/null +++ b/core/java/android/net/vcn/persistablebundleutils/TunnelConnectionParamsUtils.java 
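Review bot: The `Builder` constructor only null-checks `tunnelConnectionParams`, yet `TunnelConnectionParamsUtils.toPersistableBundle` throws `UnsupportedOperationException` for anything that is not an `IkeTunnelConnectionParams`, and `VcnGatewayConnection` throws `IllegalStateException` on the same condition. An unsupported implementation is therefore accepted here and fails later, away from the caller that supplied it. Rejecting it at construction keeps the error at the API boundary: `if (!(tunnelConnectionParams instanceof IkeTunnelConnectionParams)) { throw new IllegalArgumentException("Unsupported TunnelConnectionParams type"); }` (this needs the matching import). The `@param tunnelConnectionParams` text should also say which implementations are accepted.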
@@ -0,0 +1,106 @@ +/* + * Copyright (C) 2021 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.net.vcn.persistablebundleutils; + +import android.annotation.NonNull; +import android.net.TunnelConnectionParams; +import android.net.ipsec.ike.IkeSessionParams; +import android.net.ipsec.ike.IkeTunnelConnectionParams; +import android.net.ipsec.ike.TunnelModeChildSessionParams; +import android.os.PersistableBundle; + +import java.util.Objects; + +/** + * Utility class to convert TunnelConnectionParams to/from PersistableBundle + * + * @hide + */ +public final class TunnelConnectionParamsUtils { + private static final int EXPECTED_BUNDLE_KEY_CNT = 1; + + private static final String PARAMS_TYPE_IKE = "IKE"; + + /** Serializes an TunnelConnectionParams to a PersistableBundle. */ + @NonNull + public static PersistableBundle toPersistableBundle(@NonNull TunnelConnectionParams params) { + final PersistableBundle result = new PersistableBundle(); + + if (params instanceof IkeTunnelConnectionParams) { + result.putPersistableBundle( + PARAMS_TYPE_IKE, + IkeTunnelConnectionParamsUtils.serializeIkeParams( + (IkeTunnelConnectionParams) params)); + return result; + } else { + throw new UnsupportedOperationException("Invalid TunnelConnectionParams type"); + } + } + + /** Constructs an TunnelConnectionParams by deserializing a PersistableBundle. 
*/ + @NonNull + public static TunnelConnectionParams fromPersistableBundle(@NonNull PersistableBundle in) { + Objects.requireNonNull(in, "PersistableBundle was null"); + + if (in.keySet().size() != EXPECTED_BUNDLE_KEY_CNT) { + throw new IllegalArgumentException( + "Expect PersistableBundle to have one element but found: " + in.keySet()); + } + + if (in.get(PARAMS_TYPE_IKE) != null) { + return IkeTunnelConnectionParamsUtils.deserializeIkeParams( + in.getPersistableBundle(PARAMS_TYPE_IKE)); + } + + throw new IllegalArgumentException( + "Invalid TunnelConnectionParams type " + in.keySet().iterator().next()); + } + + private static final class IkeTunnelConnectionParamsUtils { + private static final String IKE_PARAMS_KEY = "IKE_PARAMS_KEY"; + private static final String CHILD_PARAMS_KEY = "CHILD_PARAMS_KEY"; + + @NonNull + public static PersistableBundle serializeIkeParams( + @NonNull IkeTunnelConnectionParams ikeParams) { + final PersistableBundle result = new PersistableBundle(); + + result.putPersistableBundle( + IKE_PARAMS_KEY, + IkeSessionParamsUtils.toPersistableBundle(ikeParams.getIkeSessionParams())); + result.putPersistableBundle( + CHILD_PARAMS_KEY, + TunnelModeChildSessionParamsUtils.toPersistableBundle( + ikeParams.getTunnelModeChildSessionParams())); + return result; + } + + @NonNull + public static IkeTunnelConnectionParams deserializeIkeParams( + @NonNull PersistableBundle in) { + final PersistableBundle ikeBundle = in.getPersistableBundle(IKE_PARAMS_KEY); + final PersistableBundle childBundle = in.getPersistableBundle(CHILD_PARAMS_KEY); + Objects.requireNonNull(ikeBundle, "IkeSessionParams was null"); + Objects.requireNonNull(ikeBundle, "TunnelModeChildSessionParams was null"); + + final IkeSessionParams ikeParams = + IkeSessionParamsUtils.fromPersistableBundle(ikeBundle); + final TunnelModeChildSessionParams childParams = + TunnelModeChildSessionParamsUtils.fromPersistableBundle(childBundle); + return new IkeTunnelConnectionParams(ikeParams, 
childParams); + } + } +} diff --git a/services/core/java/com/android/server/vcn/VcnGatewayConnection.java b/services/core/java/com/android/server/vcn/VcnGatewayConnection.java index 77bfc5f46168..6ca3c4b66024 100644 --- a/services/core/java/com/android/server/vcn/VcnGatewayConnection.java +++ b/services/core/java/com/android/server/vcn/VcnGatewayConnection.java @@ -52,6 +52,7 @@ import android.net.NetworkProvider; import android.net.NetworkScore; import android.net.RouteInfo; import android.net.TelephonyNetworkSpecifier; +import android.net.TunnelConnectionParams; import android.net.Uri; import android.net.annotations.PolicyDirection; import android.net.ipsec.ike.ChildSessionCallback; @@ -61,10 +62,10 @@ import android.net.ipsec.ike.IkeSession; import android.net.ipsec.ike.IkeSessionCallback; import android.net.ipsec.ike.IkeSessionConfiguration; import android.net.ipsec.ike.IkeSessionParams; +import android.net.ipsec.ike.IkeTunnelConnectionParams; import android.net.ipsec.ike.exceptions.IkeException; import android.net.ipsec.ike.exceptions.IkeInternalException; import android.net.ipsec.ike.exceptions.IkeProtocolException; -import android.net.vcn.VcnControlPlaneIkeConfig; import android.net.vcn.VcnGatewayConnectionConfig; import android.net.vcn.VcnTransportInfo; import android.net.wifi.WifiInfo; 
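Review bot: In `IkeTunnelConnectionParamsUtils.deserializeIkeParams` (new file `TunnelConnectionParamsUtils.java`) the second null check tests `ikeBundle` again, so `childBundle` is never validated. A bundle without `CHILD_PARAMS_KEY` passes both checks and `null` reaches `TunnelModeChildSessionParamsUtils.fromPersistableBundle`; what happens there is not visible in this diff. The line should read `Objects.requireNonNull(childBundle, "TunnelModeChildSessionParams was null");`. Separately, `fromPersistableBundle` tests `in.get(PARAMS_TYPE_IKE) != null` and then calls `in.getPersistableBundle(PARAMS_TYPE_IKE)`, which presumably returns null when the stored value is not a bundle, so `deserializeIkeParams` should null-check its `in` argument as well.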
@@ -1923,8 +1924,14 @@ public class VcnGatewayConnection extends StateMachine { @NonNull IpSecTunnelInterface tunnelIface, @NonNull VcnChildSessionConfiguration childConfig, @Nullable UnderlyingNetworkRecord underlying) { - final VcnControlPlaneIkeConfig controlPlaneConfig = - (VcnControlPlaneIkeConfig) gatewayConnectionConfig.getControlPlaneConfig(); + final TunnelConnectionParams tunnelParams = + gatewayConnectionConfig.getTunnelConnectionParams(); + if (!(tunnelParams instanceof IkeTunnelConnectionParams)) { + throw new IllegalStateException( + "TunnelConnectionParams is not IkeTunnelConnectionParams"); + } + + final IkeTunnelConnectionParams ikeTunnelParams = (IkeTunnelConnectionParams) tunnelParams; final LinkProperties lp = new LinkProperties(); lp.setInterfaceName(tunnelIface.getInterfaceName()); @@ -1943,7 +1950,7 @@ public class VcnGatewayConnection extends StateMachine { final int underlyingMtu = (underlying == null) ? 0 : underlying.linkProperties.getMtu(); lp.setMtu( MtuUtils.getMtu( - controlPlaneConfig.getChildSessionParams().getSaProposals(), + ikeTunnelParams.getTunnelModeChildSessionParams().getSaProposals(), gatewayConnectionConfig.getMaxMtu(), underlyingMtu)); 
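Review bot: The `instanceof IkeTunnelConnectionParams` check, the cast and the `IllegalStateException` are written out here and again in `buildIkeParams` and `buildChildParams` in the `@@ -2131,19 +2138,32 @@` hunk, with a different code shape each time. One private helper would keep the narrowing and the error message in a single place, and each call site becomes a one-liner such as `final IkeTunnelConnectionParams ikeTunnelParams = getIkeTunnelParams(gatewayConnectionConfig);`. The enclosing method of this hunk starts and ends outside it. Whether an `IllegalStateException` thrown from this state machine is handled anywhere is not visible in the diff, which is another reason to reject unsupported types when the config is built.

```java
// Narrows the generic tunnel params to the only implementation VCN supports today.
private static IkeTunnelConnectionParams getIkeTunnelParams(
        @NonNull VcnGatewayConnectionConfig config) {
    final TunnelConnectionParams params = config.getTunnelConnectionParams();
    if (!(params instanceof IkeTunnelConnectionParams)) {
        throw new IllegalStateException(
                "TunnelConnectionParams is not IkeTunnelConnectionParams");
    }
    return (IkeTunnelConnectionParams) params;
}

// … unchanged: callers in buildIkeParams / buildChildParams use getIkeTunnelParams(mConnectionConfig) …
```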
@@ -2131,19 +2138,32 @@ public class VcnGatewayConnection extends StateMachine { } private IkeSessionParams buildIkeParams(@NonNull Network network) { - final VcnControlPlaneIkeConfig controlPlaneConfig = - (VcnControlPlaneIkeConfig) mConnectionConfig.getControlPlaneConfig(); - final IkeSessionParams.Builder builder = - new IkeSessionParams.Builder(controlPlaneConfig.getIkeSessionParams()); - builder.setNetwork(network); + final TunnelConnectionParams tunnelConnectionParams = + mConnectionConfig.getTunnelConnectionParams(); - return builder.build(); + if (tunnelConnectionParams instanceof IkeTunnelConnectionParams) { + final IkeTunnelConnectionParams ikeTunnelConnectionParams = + (IkeTunnelConnectionParams) tunnelConnectionParams; + final IkeSessionParams.Builder builder = + new IkeSessionParams.Builder(ikeTunnelConnectionParams.getIkeSessionParams()); + builder.setNetwork(network); + + return builder.build(); + } + + throw new IllegalStateException("TunnelConnectionParams is not IkeTunnelConnectionParams"); } private ChildSessionParams buildChildParams() { - final VcnControlPlaneIkeConfig controlPlaneConfig = - (VcnControlPlaneIkeConfig) mConnectionConfig.getControlPlaneConfig(); - return controlPlaneConfig.getChildSessionParams(); + final TunnelConnectionParams tunnelConnectionParams = + mConnectionConfig.getTunnelConnectionParams(); + + if (tunnelConnectionParams instanceof IkeTunnelConnectionParams) { + return ((IkeTunnelConnectionParams) tunnelConnectionParams) + .getTunnelModeChildSessionParams(); + } + + throw new IllegalStateException("TunnelConnectionParams is not IkeTunnelConnectionParams"); } @VisibleForTesting(visibility = Visibility.PRIVATE) diff --git a/tests/vcn/java/android/net/vcn/VcnControlPlaneIkeConfigTest.java b/tests/vcn/java/android/net/vcn/VcnControlPlaneIkeConfigTest.java deleted file mode 100644 index 43b80e4c1bbf..000000000000 --- a/tests/vcn/java/android/net/vcn/VcnControlPlaneIkeConfigTest.java +++ /dev/null 
@@ -1,113 +0,0 @@ -/* - * Copyright (C) 2020 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package android.net.vcn; - -import static android.net.ipsec.ike.SaProposal.DH_GROUP_2048_BIT_MODP; -import static android.net.ipsec.ike.SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_12; -import static android.net.ipsec.ike.SaProposal.PSEUDORANDOM_FUNCTION_AES128_XCBC; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.fail; - -import android.net.ipsec.ike.ChildSaProposal; -import android.net.ipsec.ike.IkeFqdnIdentification; -import android.net.ipsec.ike.IkeSaProposal; -import android.net.ipsec.ike.IkeSessionParams; -import android.net.ipsec.ike.SaProposal; -import android.net.ipsec.ike.TunnelModeChildSessionParams; - -import androidx.test.filters.SmallTest; -import androidx.test.runner.AndroidJUnit4; - -import org.junit.Test; -import org.junit.runner.RunWith; - -@RunWith(AndroidJUnit4.class) -@SmallTest -public class VcnControlPlaneIkeConfigTest { - private static final IkeSessionParams IKE_PARAMS; - private static final TunnelModeChildSessionParams CHILD_PARAMS; - - static { - IkeSaProposal ikeProposal = - new IkeSaProposal.Builder() - .addEncryptionAlgorithm( - ENCRYPTION_ALGORITHM_AES_GCM_12, SaProposal.KEY_LEN_AES_128) - .addDhGroup(DH_GROUP_2048_BIT_MODP) - .addPseudorandomFunction(PSEUDORANDOM_FUNCTION_AES128_XCBC) - .build(); - - final String serverHostname = "192.0.2.100"; - final String 
testLocalId = "test.client.com"; - final String testRemoteId = "test.server.com"; - final byte[] psk = "psk".getBytes(); - - IKE_PARAMS = - new IkeSessionParams.Builder() - .setServerHostname(serverHostname) - .addSaProposal(ikeProposal) - .setLocalIdentification(new IkeFqdnIdentification(testLocalId)) - .setRemoteIdentification(new IkeFqdnIdentification(testRemoteId)) - .setAuthPsk(psk) - .build(); - - ChildSaProposal childProposal = - new ChildSaProposal.Builder() - .addEncryptionAlgorithm( - ENCRYPTION_ALGORITHM_AES_GCM_12, SaProposal.KEY_LEN_AES_128) - .build(); - CHILD_PARAMS = - new TunnelModeChildSessionParams.Builder().addSaProposal(childProposal).build(); - } - - // Package private for use in VcnGatewayConnectionConfigTest - static VcnControlPlaneIkeConfig buildTestConfig() { - return new VcnControlPlaneIkeConfig(IKE_PARAMS, CHILD_PARAMS); - } - - @Test - public void testGetters() { - final VcnControlPlaneIkeConfig config = buildTestConfig(); - assertEquals(IKE_PARAMS, config.getIkeSessionParams()); - assertEquals(CHILD_PARAMS, config.getChildSessionParams()); - } - - @Test - public void testPersistableBundle() { - final VcnControlPlaneIkeConfig config = buildTestConfig(); - - assertEquals(config, new VcnControlPlaneIkeConfig(config.toPersistableBundle())); - } - - @Test - public void testConstructConfigWithoutIkeParams() { - try { - new VcnControlPlaneIkeConfig(null, CHILD_PARAMS); - fail("Expect to fail because ikeParams was null"); - } catch (NullPointerException expected) { - } - } - - @Test - public void testBuilderConfigWithoutChildParams() { - try { - new VcnControlPlaneIkeConfig(IKE_PARAMS, null); - fail("Expect to fail because childParams was null"); - } catch (NullPointerException expected) { - } - } -} diff --git a/tests/vcn/java/android/net/vcn/VcnGatewayConnectionConfigTest.java b/tests/vcn/java/android/net/vcn/VcnGatewayConnectionConfigTest.java index db00670c9bcf..0d3fd3fef49c 100644 
--- a/tests/vcn/java/android/net/vcn/VcnGatewayConnectionConfigTest.java +++ b/tests/vcn/java/android/net/vcn/VcnGatewayConnectionConfigTest.java @@ -18,11 +18,12 @@ package android.net.vcn; import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import android.net.NetworkCapabilities; +import android.net.TunnelConnectionParams; +import android.net.vcn.persistablebundleutils.TunnelConnectionParamsUtilsTest; import androidx.test.filters.SmallTest; import androidx.test.runner.AndroidJUnit4; @@ -59,8 +60,8 @@ public class VcnGatewayConnectionConfigTest { }; public static final int MAX_MTU = 1360; - public static final VcnControlPlaneConfig CONTROL_PLANE_CONFIG = - VcnControlPlaneIkeConfigTest.buildTestConfig(); + public static final TunnelConnectionParams TUNNEL_CONNECTION_PARAMS = + TunnelConnectionParamsUtilsTest.buildTestParams(); public static final String GATEWAY_CONNECTION_NAME_PREFIX = "gatewayConnectionName-"; private static int sGatewayConnectionConfigCount = 0; @@ -75,7 +76,7 @@ public class VcnGatewayConnectionConfigTest { // VcnGatewayConnectionConfigs have a unique name (required by VcnConfig). return new VcnGatewayConnectionConfig.Builder( GATEWAY_CONNECTION_NAME_PREFIX + sGatewayConnectionConfigCount++, - CONTROL_PLANE_CONFIG); + TUNNEL_CONNECTION_PARAMS); } // Public for use in VcnGatewayConnectionTest @@ -98,7 +99,7 @@ public class VcnGatewayConnectionConfigTest { public void testBuilderRequiresNonNullGatewayConnectionName() { try { new VcnGatewayConnectionConfig.Builder( - null /* gatewayConnectionName */, CONTROL_PLANE_CONFIG) + null /* gatewayConnectionName */, TUNNEL_CONNECTION_PARAMS) .build(); fail("Expected exception due to invalid gateway connection name"); 
@@ -107,13 +108,13 @@ public class VcnGatewayConnectionConfigTest { } @Test - public void testBuilderRequiresNonNullControlPlaneConfig() { + public void testBuilderRequiresNonNullTunnelConnectionParams() { try { new VcnGatewayConnectionConfig.Builder( - GATEWAY_CONNECTION_NAME_PREFIX, null /* ctrlPlaneConfig */) + GATEWAY_CONNECTION_NAME_PREFIX, null /* tunnelConnectionParams */) .build(); - fail("Expected exception due to invalid control plane config"); + fail("Expected exception due to the absence of tunnel connection parameters"); } catch (NullPointerException e) { } } @@ -171,8 +172,7 @@ public class VcnGatewayConnectionConfigTest { Arrays.sort(underlyingCaps); assertArrayEquals(UNDERLYING_CAPS, underlyingCaps); - assertEquals(CONTROL_PLANE_CONFIG, config.getControlPlaneConfig()); - assertFalse(CONTROL_PLANE_CONFIG == config.getControlPlaneConfig()); + assertEquals(TUNNEL_CONNECTION_PARAMS, config.getTunnelConnectionParams()); assertArrayEquals(RETRY_INTERVALS_MS, config.getRetryIntervalsMs()); assertEquals(MAX_MTU, config.getMaxMtu()); diff --git a/tests/vcn/java/android/net/vcn/persistablebundleutils/IkeSessionParamsUtilsTest.java b/tests/vcn/java/android/net/vcn/persistablebundleutils/IkeSessionParamsUtilsTest.java index 4226e645896e..393787f1a8b8 100644 --- a/tests/vcn/java/android/net/vcn/persistablebundleutils/IkeSessionParamsUtilsTest.java +++ b/tests/vcn/java/android/net/vcn/persistablebundleutils/IkeSessionParamsUtilsTest.java @@ -52,7 +52,8 @@ import java.util.concurrent.TimeUnit; @RunWith(AndroidJUnit4.class) @SmallTest public class IkeSessionParamsUtilsTest { - private static IkeSessionParams.Builder createBuilderMinimum() { + // Package private for use in EncryptedTunnelParamsUtilsTest + static IkeSessionParams.Builder createBuilderMinimum() { final InetAddress serverAddress = InetAddresses.parseNumericAddress("192.0.2.100"); // TODO: b/185941731 Make sure all valid IKE_OPTIONS are added and validated. 
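Review bot: The surviving `assertEquals(TUNNEL_CONNECTION_PARAMS, config.getTunnelConnectionParams())` in the hunk at -171 passes even when the getter returns the very object that was given to the builder, so with `assertFalse(CONTROL_PLANE_CONFIG == config.getControlPlaneConfig())` removed the test no longer shows whether the config holds its own copy of the tunnel parameters. If sharing the instance is intended because the parameters are immutable, I would record that above the assertion, e.g. `// Params are treated as immutable; the config is not expected to copy them.` The empty `TunnelConnectionParams` interface in the API listing states no such contract, so this is presumably true only for the IKE implementation and worth confirming. The enclosing test method starts above this hunk and continues below it.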
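Review bot: The comment added above `createBuilderMinimum()` in IkeSessionParamsUtilsTest, `// Package private for use in EncryptedTunnelParamsUtilsTest`, names a class that does not appear anywhere in this change; the caller introduced here is `TunnelConnectionParamsUtilsTest.buildTestParams()`. I would write `// Package private for use in TunnelConnectionParamsUtilsTest`. The hunk in TunnelModeChildSessionParamsUtilsTest carries the identical comment and needs the same correction. The body of `createBuilderMinimum()` continues past the end of this hunk.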
diff --git a/tests/vcn/java/android/net/vcn/persistablebundleutils/TunnelConnectionParamsUtilsTest.java b/tests/vcn/java/android/net/vcn/persistablebundleutils/TunnelConnectionParamsUtilsTest.java
new file mode 100644
index 000000000000..0c8ad32b0c27
--- /dev/null
+++ b/tests/vcn/java/android/net/vcn/persistablebundleutils/TunnelConnectionParamsUtilsTest.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.net.vcn.persistablebundleutils;
+
+import static org.junit.Assert.assertEquals;
+
+import android.net.ipsec.ike.IkeTunnelConnectionParams;
+
+import androidx.test.filters.SmallTest;
+import androidx.test.runner.AndroidJUnit4;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+@RunWith(AndroidJUnit4.class)
+@SmallTest
+public class TunnelConnectionParamsUtilsTest {
+ // Public for use in VcnGatewayConnectionConfigTest
+ public static IkeTunnelConnectionParams buildTestParams() {
+ return new IkeTunnelConnectionParams(
+ IkeSessionParamsUtilsTest.createBuilderMinimum().build(),
+ TunnelModeChildSessionParamsUtilsTest.createBuilderMinimum().build());
+ }
+
+ @Test
+ public void testIkeTunnelConnectionParamsToFromPersistableBundle() {
+ final IkeTunnelConnectionParams params = buildTestParams();
+
+ assertEquals(
+ params,
+ TunnelConnectionParamsUtils.fromPersistableBundle(
+ TunnelConnectionParamsUtils.toPersistableBundle(params)));
+ }
+}
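Review bot: `testIkeTunnelConnectionParamsToFromPersistableBundle` is the only test in the new file and covers just the round trip of a minimal `IkeTunnelConnectionParams`, so nothing pins what the utils class does with any other implementation. `TunnelConnectionParams` is an empty public interface that the `VcnGatewayConnectionConfig.Builder` constructor accepts, which means a caller can supply an object the conversion code does not recognise. A second test should fix the expected rejection at `TunnelConnectionParamsUtils.toPersistableBundle`, assuming that method takes the interface type; the utils source is not part of this section, so the exception type below is a placeholder to narrow. Without it an unsupported implementation may only surface later as a ClassCastException at a downcast such as the one in VcnGatewayConnectionConnectedStateTest.

```java
// … unchanged: buildTestParams() and the round-trip test …

    @Test
    public void testToPersistableBundleRejectsUnknownImplementation() {
        // Anonymous implementation stands in for a caller-supplied, non-IKE params object.
        final TunnelConnectionParams unknownParams = new TunnelConnectionParams() {};
        try {
            TunnelConnectionParamsUtils.toPersistableBundle(unknownParams);
            fail("Expected an unsupported TunnelConnectionParams implementation to be rejected");
        } catch (RuntimeException expected) {
            // Narrow to the exception type the utils class actually throws.
        }
    }
```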
diff --git a/tests/vcn/java/android/net/vcn/persistablebundleutils/TunnelModeChildSessionParamsUtilsTest.java b/tests/vcn/java/android/net/vcn/persistablebundleutils/TunnelModeChildSessionParamsUtilsTest.java index b3cd0ab80599..e0b5f0ef0381 100644 --- a/tests/vcn/java/android/net/vcn/persistablebundleutils/TunnelModeChildSessionParamsUtilsTest.java +++ b/tests/vcn/java/android/net/vcn/persistablebundleutils/TunnelModeChildSessionParamsUtilsTest.java @@ -40,7 +40,8 @@ import java.util.concurrent.TimeUnit; @RunWith(AndroidJUnit4.class) @SmallTest public class TunnelModeChildSessionParamsUtilsTest { - private TunnelModeChildSessionParams.Builder createBuilderMinimum() { + // Package private for use in EncryptedTunnelParamsUtilsTest + static TunnelModeChildSessionParams.Builder createBuilderMinimum() { final ChildSaProposal saProposal = SaProposalUtilsTest.buildTestChildSaProposal(); return new TunnelModeChildSessionParams.Builder().addSaProposal(saProposal); } diff --git a/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionConnectedStateTest.java b/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionConnectedStateTest.java index 95a972652bf4..530e63699e9f 100644 --- a/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionConnectedStateTest.java +++ b/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionConnectedStateTest.java @@ -51,10 +51,10 @@ import android.net.LinkProperties; import android.net.NetworkAgent; import android.net.NetworkCapabilities; import android.net.ipsec.ike.ChildSaProposal; +import android.net.ipsec.ike.IkeTunnelConnectionParams; import android.net.ipsec.ike.exceptions.IkeException; import android.net.ipsec.ike.exceptions.IkeInternalException; import android.net.ipsec.ike.exceptions.IkeProtocolException; -import android.net.vcn.VcnControlPlaneIkeConfig; import android.net.vcn.VcnManager.VcnErrorCode; import androidx.test.filters.SmallTest; 
@@ -181,8 +181,8 @@ public class VcnGatewayConnectionConnectedStateTest extends VcnGatewayConnection assertEquals(mGatewayConnection.mConnectedState, mGatewayConnection.getCurrentState()); final List<ChildSaProposal> saProposals = - ((VcnControlPlaneIkeConfig) mConfig.getControlPlaneConfig()) - .getChildSessionParams() + ((IkeTunnelConnectionParams) mConfig.getTunnelConnectionParams()) + .getTunnelModeChildSessionParams() .getSaProposals(); final int expectedMtu = MtuUtils.getMtu( |