aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/java/com/android/ike/ikev2/IkeKeyIdIdentification.java63
-rw-r--r--src/java/com/android/ike/ikev2/message/IkeIdPayload.java9
-rw-r--r--tests/iketests/src/java/com/android/ike/ikev2/message/IkeIdPayloadTest.java31
3 files changed, 99 insertions, 4 deletions
diff --git a/src/java/com/android/ike/ikev2/IkeKeyIdIdentification.java b/src/java/com/android/ike/ikev2/IkeKeyIdIdentification.java
new file mode 100644
index 00000000..cba519c8
--- /dev/null
+++ b/src/java/com/android/ike/ikev2/IkeKeyIdIdentification.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.ike.ikev2;
+
+import android.annotation.NonNull;
+
+import java.util.Objects;
+
+/**
+ * This class represents IKE ID information in Key ID type.
+ *
+ * <p>This is an octet stream that may be used to pass vendor-specific information necessary to do
+ * certain proprietary types of identification.
+ */
+public final class IkeKeyIdIdentification extends IkeIdentification {
+ public final byte[] keyId;
+
+ /**
+ * Construct an instance of IkeKeyIdIdentification with provided Key ID
+ *
+ * @param keyId Key ID in bytes
+ */
+ public IkeKeyIdIdentification(@NonNull byte[] keyId) {
+ super(ID_TYPE_KEY_ID);
+ this.keyId = keyId;
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(idType, keyId);
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (!(o instanceof IkeKeyIdIdentification)) return false;
+
+ return keyId.equals(((IkeKeyIdIdentification) o).keyId);
+ }
+
+ /**
+ * Retrieve the byte-representation of the FQDN.
+ *
+ * @return the byte-representation of the FQDN.
+ */
+ @Override
+ public byte[] getEncodedIdData() {
+ return keyId;
+ }
+}
diff --git a/src/java/com/android/ike/ikev2/message/IkeIdPayload.java b/src/java/com/android/ike/ikev2/message/IkeIdPayload.java
index 7b1ab78e..adb39c2d 100644
--- a/src/java/com/android/ike/ikev2/message/IkeIdPayload.java
+++ b/src/java/com/android/ike/ikev2/message/IkeIdPayload.java
@@ -20,6 +20,7 @@ import com.android.ike.ikev2.IkeFqdnIdentification;
import com.android.ike.ikev2.IkeIdentification;
import com.android.ike.ikev2.IkeIpv4AddrIdentification;
import com.android.ike.ikev2.IkeIpv6AddrIdentification;
+import com.android.ike.ikev2.IkeKeyIdIdentification;
import com.android.ike.ikev2.IkeRfc822AddrIdentification;
import com.android.ike.ikev2.exceptions.AuthenticationFailedException;
import com.android.ike.ikev2.exceptions.IkeProtocolException;
@@ -84,12 +85,12 @@ public final class IkeIdPayload extends IkePayload {
case IkeIdentification.ID_TYPE_IPV6_ADDR:
ikeId = new IkeIpv6AddrIdentification(idData);
return;
- case IkeIdentification.ID_TYPE_DER_ASN1_DN:
- // Fall through
+ case IkeIdentification.ID_TYPE_DER_ASN1_DN: // Fall through
case IkeIdentification.ID_TYPE_DER_ASN1_GN:
- // Fall through
- case IkeIdentification.ID_TYPE_KEY_ID:
throw new UnsupportedOperationException("ID type is not supported currently.");
+ case IkeIdentification.ID_TYPE_KEY_ID:
+ ikeId = new IkeKeyIdIdentification(idData);
+ return;
default:
throw new AuthenticationFailedException("Unsupported ID type: " + idType);
}
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeIdPayloadTest.java b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeIdPayloadTest.java
index cccbba12..14d05264 100644
--- a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeIdPayloadTest.java
+++ b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeIdPayloadTest.java
@@ -25,6 +25,7 @@ import com.android.ike.ikev2.IkeFqdnIdentification;
import com.android.ike.ikev2.IkeIdentification;
import com.android.ike.ikev2.IkeIpv4AddrIdentification;
import com.android.ike.ikev2.IkeIpv6AddrIdentification;
+import com.android.ike.ikev2.IkeKeyIdIdentification;
import com.android.ike.ikev2.IkeRfc822AddrIdentification;
import com.android.ike.ikev2.exceptions.AuthenticationFailedException;
@@ -59,6 +60,12 @@ public final class IkeIdPayloadTest {
"03000000616e64726f6964696b65406578616d706c652e636f6d";
private static final String RFC822_NAME = "androidike@example.com";
+ private static final String KEY_ID_PAYLOAD_HEX_STRING =
+ "250000170b000000616E64726F6964496B654B65794964";
+ private static final String KEY_ID_PAYLOAD_BODY_HEX_STRING =
+ "0b000000616E64726F6964496B654B65794964";
+ private static final byte[] KEY_ID = "androidIkeKeyId".getBytes();
+
private static final int ID_TYPE_OFFSET = 0;
@Test
@@ -113,6 +120,18 @@ public final class IkeIdPayloadTest {
}
@Test
+ public void testDecodeKeyIdPayload() throws Exception {
+ byte[] inputPacket = TestUtils.hexStringToByteArray(KEY_ID_PAYLOAD_BODY_HEX_STRING);
+ IkeIdPayload payload =
+ new IkeIdPayload(false /*critical*/, inputPacket, true /*isInitiator*/);
+
+ assertEquals(IkePayload.PAYLOAD_TYPE_ID_INITIATOR, payload.payloadType);
+ assertEquals(IkeIdentification.ID_TYPE_KEY_ID, payload.ikeId.idType);
+ IkeKeyIdIdentification ikeId = (IkeKeyIdIdentification) payload.ikeId;
+ assertArrayEquals(KEY_ID, ikeId.keyId);
+ }
+
+ @Test
public void testDecodeUnsupportedIdType() throws Exception {
byte[] inputPacket =
TestUtils.hexStringToByteArray(IPV4_ADDR_ID_PAYLOAD_RESPONDER_BODY_HEX_STRING);
@@ -175,4 +194,16 @@ public final class IkeIdPayloadTest {
byte[] expectedBytes = TestUtils.hexStringToByteArray(RFC822_ADDR_ID_PAYLOAD_HEX_STRING);
assertArrayEquals(expectedBytes, inputBuffer.array());
}
+
+ @Test
+ public void testConstructAndEncodeKeyIdPayload() throws Exception {
+ IkeIdPayload payload =
+ new IkeIdPayload(true /*isInitiator*/, new IkeKeyIdIdentification(KEY_ID));
+
+ ByteBuffer inputBuffer = ByteBuffer.allocate(payload.getPayloadLength());
+ payload.encodeToByteBuffer(IkePayload.PAYLOAD_TYPE_CERT, inputBuffer);
+
+ byte[] expectedBytes = TestUtils.hexStringToByteArray(KEY_ID_PAYLOAD_HEX_STRING);
+ assertArrayEquals(expectedBytes, inputBuffer.array());
+ }
}