diff options
3 files changed, 99 insertions, 4 deletions
diff --git a/src/java/com/android/ike/ikev2/IkeKeyIdIdentification.java b/src/java/com/android/ike/ikev2/IkeKeyIdIdentification.java new file mode 100644 index 00000000..cba519c8 --- /dev/null +++ b/src/java/com/android/ike/ikev2/IkeKeyIdIdentification.java @@ -0,0 +1,63 @@ +/* + * Copyright (C) 2019 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.ike.ikev2; + +import android.annotation.NonNull; + +import java.util.Objects; + +/** + * This class represents IKE ID information in Key ID type. + * + * <p>This is an octet stream that may be used to pass vendor-specific information necessary to do + * certain proprietary types of identification. + */ +public final class IkeKeyIdIdentification extends IkeIdentification { + public final byte[] keyId; + + /** + * Construct an instance of IkeKeyIdIdentification with provided Key ID + * + * @param keyId Key ID in bytes + */ + public IkeKeyIdIdentification(@NonNull byte[] keyId) { + super(ID_TYPE_KEY_ID); + this.keyId = keyId; + } + + @Override + public int hashCode() { + return Objects.hash(idType, keyId); + } + + @Override + public boolean equals(Object o) { + if (!(o instanceof IkeKeyIdIdentification)) return false; + + return keyId.equals(((IkeKeyIdIdentification) o).keyId); + } + + /** + * Retrieve the byte-representation of the FQDN. + * + * @return the byte-representation of the FQDN. + */ + @Override + public byte[] getEncodedIdData() { + return keyId; + } +} diff --git a/src/java/com/android/ike/ikev2/message/IkeIdPayload.java b/src/java/com/android/ike/ikev2/message/IkeIdPayload.java index 7b1ab78e..adb39c2d 100644 --- a/src/java/com/android/ike/ikev2/message/IkeIdPayload.java +++ b/src/java/com/android/ike/ikev2/message/IkeIdPayload.java @@ -20,6 +20,7 @@ import com.android.ike.ikev2.IkeFqdnIdentification; import com.android.ike.ikev2.IkeIdentification; import com.android.ike.ikev2.IkeIpv4AddrIdentification; import com.android.ike.ikev2.IkeIpv6AddrIdentification; +import com.android.ike.ikev2.IkeKeyIdIdentification; import com.android.ike.ikev2.IkeRfc822AddrIdentification; import com.android.ike.ikev2.exceptions.AuthenticationFailedException; import com.android.ike.ikev2.exceptions.IkeProtocolException; @@ -84,12 +85,12 @@ public final class IkeIdPayload extends IkePayload { case IkeIdentification.ID_TYPE_IPV6_ADDR: ikeId = new IkeIpv6AddrIdentification(idData); return; - case IkeIdentification.ID_TYPE_DER_ASN1_DN: - // Fall through + case IkeIdentification.ID_TYPE_DER_ASN1_DN: // Fall through case IkeIdentification.ID_TYPE_DER_ASN1_GN: - // Fall through - case IkeIdentification.ID_TYPE_KEY_ID: throw new UnsupportedOperationException("ID type is not supported currently."); + case IkeIdentification.ID_TYPE_KEY_ID: + ikeId = new IkeKeyIdIdentification(idData); + return; default: throw new AuthenticationFailedException("Unsupported ID type: " + idType); } diff --git a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeIdPayloadTest.java b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeIdPayloadTest.java index cccbba12..14d05264 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeIdPayloadTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeIdPayloadTest.java @@ -25,6 +25,7 @@ import com.android.ike.ikev2.IkeFqdnIdentification; import com.android.ike.ikev2.IkeIdentification; import com.android.ike.ikev2.IkeIpv4AddrIdentification; import com.android.ike.ikev2.IkeIpv6AddrIdentification; +import com.android.ike.ikev2.IkeKeyIdIdentification; import com.android.ike.ikev2.IkeRfc822AddrIdentification; import com.android.ike.ikev2.exceptions.AuthenticationFailedException; @@ -59,6 +60,12 @@ public final class IkeIdPayloadTest { "03000000616e64726f6964696b65406578616d706c652e636f6d"; private static final String RFC822_NAME = "androidike@example.com"; + private static final String KEY_ID_PAYLOAD_HEX_STRING = + "250000170b000000616E64726F6964496B654B65794964"; + private static final String KEY_ID_PAYLOAD_BODY_HEX_STRING = + "0b000000616E64726F6964496B654B65794964"; + private static final byte[] KEY_ID = "androidIkeKeyId".getBytes(); + private static final int ID_TYPE_OFFSET = 0; @Test @@ -113,6 +120,18 @@ public final class IkeIdPayloadTest { } @Test + public void testDecodeKeyIdPayload() throws Exception { + byte[] inputPacket = TestUtils.hexStringToByteArray(KEY_ID_PAYLOAD_BODY_HEX_STRING); + IkeIdPayload payload = + new IkeIdPayload(false /*critical*/, inputPacket, true /*isInitiator*/); + + assertEquals(IkePayload.PAYLOAD_TYPE_ID_INITIATOR, payload.payloadType); + assertEquals(IkeIdentification.ID_TYPE_KEY_ID, payload.ikeId.idType); + IkeKeyIdIdentification ikeId = (IkeKeyIdIdentification) payload.ikeId; + assertArrayEquals(KEY_ID, ikeId.keyId); + } + + @Test public void testDecodeUnsupportedIdType() throws Exception { byte[] inputPacket = TestUtils.hexStringToByteArray(IPV4_ADDR_ID_PAYLOAD_RESPONDER_BODY_HEX_STRING); @@ -175,4 +194,16 @@ public final class IkeIdPayloadTest { byte[] expectedBytes = TestUtils.hexStringToByteArray(RFC822_ADDR_ID_PAYLOAD_HEX_STRING); assertArrayEquals(expectedBytes, inputBuffer.array()); } + + @Test + public void testConstructAndEncodeKeyIdPayload() throws Exception { + IkeIdPayload payload = + new IkeIdPayload(true /*isInitiator*/, new IkeKeyIdIdentification(KEY_ID)); + + ByteBuffer inputBuffer = ByteBuffer.allocate(payload.getPayloadLength()); + payload.encodeToByteBuffer(IkePayload.PAYLOAD_TYPE_CERT, inputBuffer); + + byte[] expectedBytes = TestUtils.hexStringToByteArray(KEY_ID_PAYLOAD_HEX_STRING); + assertArrayEquals(expectedBytes, inputBuffer.array()); + } } |