IpSecAlgorithm
class IpSecAlgorithm : Parcelable
kotlin.Any | |
↳ | android.net.IpSecAlgorithm |
This class represents a single algorithm that can be used by an IpSecTransform
.
Summary
Constants | |
---|---|
static String |
AES-CMAC Authentication/Integrity Algorithm. |
static String |
AES-XCBC Authentication/Integrity Algorithm. |
static String |
AES-GCM Authentication/Integrity + Encryption/Ciphering Algorithm. |
static String |
ChaCha20-Poly1305 Authentication/Integrity + Encryption/Ciphering Algorithm. |
static String |
MD5 HMAC Authentication/Integrity Algorithm. |
static String |
SHA1 HMAC Authentication/Integrity Algorithm. |
static String |
SHA256 HMAC Authentication/Integrity Algorithm. |
static String |
SHA384 HMAC Authentication/Integrity Algorithm. |
static String |
SHA512 HMAC Authentication/Integrity Algorithm. |
static String |
AES-CBC Encryption/Ciphering Algorithm. |
static String |
AES-CTR Encryption/Ciphering Algorithm. |
Inherited constants | |
---|---|
Public constructors | |
---|---|
IpSecAlgorithm(algorithm: String, key: ByteArray) Creates an IpSecAlgorithm of one of the supported types. |
|
IpSecAlgorithm(algorithm: String, key: ByteArray, truncLenBits: Int) Creates an IpSecAlgorithm of one of the supported types. |
Public methods | |
---|---|
Int |
Parcelable Implementation |
ByteArray |
getKey() Get the key for this algorithm |
String |
getName() Get the algorithm name |
static MutableSet<String!> |
Returns supported IPsec algorithms for the current device. |
Int |
Get the truncation length of this algorithm, in bits |
String |
toString() Returns a string representation of the object. |
Unit |
writeToParcel(out: Parcel, flags: Int) Write to parcel |
Properties | |
---|---|
static Parcelable.Creator<IpSecAlgorithm!> |
Parcelable Creator |
Constants
AUTH_AES_CMAC
static val AUTH_AES_CMAC: String
AES-CMAC Authentication/Integrity Algorithm.
Keys for this algorithm must be 128 bits in length.
The only valid truncation length is 96 bits.
This algorithm may be available on the device. Caller MUST check if it is supported before using it by calling getSupportedAlgorithms()
and checking if this algorithm is included in the returned algorithm set. The returned algorithm set will not change unless the device is rebooted. IllegalArgumentException
will be thrown if this algorithm is requested on an unsupported device.
Value: "cmac(aes)"
AUTH_AES_XCBC
static val AUTH_AES_XCBC: String
AES-XCBC Authentication/Integrity Algorithm.
Keys for this algorithm must be 128 bits in length.
The only valid truncation length is 96 bits.
This algorithm may be available on the device. Caller MUST check if it is supported before using it by calling getSupportedAlgorithms()
and checking if this algorithm is included in the returned algorithm set. The returned algorithm set will not change unless the device is rebooted. IllegalArgumentException
will be thrown if this algorithm is requested on an unsupported device.
Value: "xcbc(aes)"
AUTH_CRYPT_AES_GCM
static val AUTH_CRYPT_AES_GCM: String
AES-GCM Authentication/Integrity + Encryption/Ciphering Algorithm.
Valid lengths for keying material are {160, 224, 288}.
As per RFC4106 (Section 8.1), keying material consists of a 128, 192, or 256 bit AES key followed by a 32-bit salt. RFC compliance requires that the salt must be unique per invocation with the same key.
Valid ICV (truncation) lengths are {64, 96, 128}.
Value: "rfc4106(gcm(aes))"
AUTH_CRYPT_CHACHA20_POLY1305
static val AUTH_CRYPT_CHACHA20_POLY1305: String
ChaCha20-Poly1305 Authentication/Integrity + Encryption/Ciphering Algorithm.
Keys for this algorithm must be 288 bits in length.
As per RFC7634 (Section 2), keying material consists of a 256 bit key followed by a 32-bit salt. The salt is fixed per security association.
The only valid ICV (truncation) length is 128 bits.
This algorithm may be available on the device. Caller MUST check if it is supported before using it by calling getSupportedAlgorithms()
and checking if this algorithm is included in the returned algorithm set. The returned algorithm set will not change unless the device is rebooted. IllegalArgumentException
will be thrown if this algorithm is requested on an unsupported device.
Value: "rfc7539esp(chacha20,poly1305)"
AUTH_HMAC_MD5
static val AUTH_HMAC_MD5: String
MD5 HMAC Authentication/Integrity Algorithm. This algorithm is not recommended for use in new applications and is provided for legacy compatibility with 3gpp infrastructure.
Keys for this algorithm must be 128 bits in length.
Valid truncation lengths are multiples of 8 bits from 96 to 128.
Value: "hmac(md5)"
AUTH_HMAC_SHA1
static val AUTH_HMAC_SHA1: String
SHA1 HMAC Authentication/Integrity Algorithm. This algorithm is not recommended for use in new applications and is provided for legacy compatibility with 3gpp infrastructure.
Keys for this algorithm must be 160 bits in length.
Valid truncation lengths are multiples of 8 bits from 96 to 160.
Value: "hmac(sha1)"
AUTH_HMAC_SHA256
static val AUTH_HMAC_SHA256: String
SHA256 HMAC Authentication/Integrity Algorithm.
Keys for this algorithm must be 256 bits in length.
Valid truncation lengths are multiples of 8 bits from 96 to 256.
Value: "hmac(sha256)"
AUTH_HMAC_SHA384
static val AUTH_HMAC_SHA384: String
SHA384 HMAC Authentication/Integrity Algorithm.
Keys for this algorithm must be 384 bits in length.
Valid truncation lengths are multiples of 8 bits from 192 to 384.
Value: "hmac(sha384)"
AUTH_HMAC_SHA512
static val AUTH_HMAC_SHA512: String
SHA512 HMAC Authentication/Integrity Algorithm.
Keys for this algorithm must be 512 bits in length.
Valid truncation lengths are multiples of 8 bits from 256 to 512.
Value: "hmac(sha512)"
CRYPT_AES_CBC
static val CRYPT_AES_CBC: String
AES-CBC Encryption/Ciphering Algorithm.
Valid lengths for this key are {128, 192, 256}.
Value: "cbc(aes)"
CRYPT_AES_CTR
static val CRYPT_AES_CTR: String
AES-CTR Encryption/Ciphering Algorithm.
Valid lengths for keying material are {160, 224, 288}.
As per RFC3686 (Section 5.1), keying material consists of a 128, 192, or 256 bit AES key followed by a 32-bit nonce. RFC compliance requires that the nonce must be unique per security association.
This algorithm may be available on the device. Caller MUST check if it is supported before using it by calling getSupportedAlgorithms()
and checking if this algorithm is included in the returned algorithm set. The returned algorithm set will not change unless the device is rebooted. IllegalArgumentException
will be thrown if this algorithm is requested on an unsupported device.
Value: "rfc3686(ctr(aes))"
Public constructors
IpSecAlgorithm
IpSecAlgorithm(
algorithm: String,
key: ByteArray)
Creates an IpSecAlgorithm of one of the supported types. Supported algorithm names are defined as constants in this class.
For algorithms that produce an integrity check value, the truncation length is a required parameter. See IpSecAlgorithm(java.lang.String,byte[] key,int truncLenBits)
Parameters | |
---|---|
algorithm |
String: name of the algorithm. This value cannot be null . Value is android.net.IpSecAlgorithm#CRYPT_AES_CBC , android.net.IpSecAlgorithm#CRYPT_AES_CTR , android.net.IpSecAlgorithm#AUTH_HMAC_MD5 , android.net.IpSecAlgorithm#AUTH_HMAC_SHA1 , android.net.IpSecAlgorithm#AUTH_HMAC_SHA256 , android.net.IpSecAlgorithm#AUTH_HMAC_SHA384 , android.net.IpSecAlgorithm#AUTH_HMAC_SHA512 , android.net.IpSecAlgorithm#AUTH_AES_XCBC , android.net.IpSecAlgorithm#AUTH_AES_CMAC , android.net.IpSecAlgorithm#AUTH_CRYPT_AES_GCM , or android.net.IpSecAlgorithm#AUTH_CRYPT_CHACHA20_POLY1305 |
key |
ByteArray: key padded to a multiple of 8 bits. This value cannot be null . |
Exceptions | |
---|---|
java.lang.IllegalArgumentException |
if algorithm or key length is invalid. |
IpSecAlgorithm
IpSecAlgorithm(
algorithm: String,
key: ByteArray,
truncLenBits: Int)
Creates an IpSecAlgorithm of one of the supported types. Supported algorithm names are defined as constants in this class.
This constructor only supports algorithms that use a truncation length. i.e. Authentication and Authenticated Encryption algorithms.
Parameters | |
---|---|
algorithm |
String: name of the algorithm. This value cannot be null . Value is android.net.IpSecAlgorithm#CRYPT_AES_CBC , android.net.IpSecAlgorithm#CRYPT_AES_CTR , android.net.IpSecAlgorithm#AUTH_HMAC_MD5 , android.net.IpSecAlgorithm#AUTH_HMAC_SHA1 , android.net.IpSecAlgorithm#AUTH_HMAC_SHA256 , android.net.IpSecAlgorithm#AUTH_HMAC_SHA384 , android.net.IpSecAlgorithm#AUTH_HMAC_SHA512 , android.net.IpSecAlgorithm#AUTH_AES_XCBC , android.net.IpSecAlgorithm#AUTH_AES_CMAC , android.net.IpSecAlgorithm#AUTH_CRYPT_AES_GCM , or android.net.IpSecAlgorithm#AUTH_CRYPT_CHACHA20_POLY1305 |
key |
ByteArray: key padded to a multiple of 8 bits. This value cannot be null . |
truncLenBits |
Int: number of bits of output hash to use. |
Exceptions | |
---|---|
java.lang.IllegalArgumentException |
if algorithm, key length or truncation length is invalid. |
Public methods
describeContents
fun describeContents(): Int
Parcelable Implementation
Return | |
---|---|
Int |
a bitmask indicating the set of special object types marshaled by this Parcelable object instance. Value is either 0 or android.os.Parcelable#CONTENTS_FILE_DESCRIPTOR |
getKey
fun getKey(): ByteArray
Get the key for this algorithm
Return | |
---|---|
ByteArray |
This value cannot be null . |
getName
fun getName(): String
Get the algorithm name
Return | |
---|---|
String |
This value cannot be null . |
getSupportedAlgorithms
static fun getSupportedAlgorithms(): MutableSet<String!>
Returns supported IPsec algorithms for the current device.
Some algorithms may not be supported on old devices. Callers MUST check if an algorithm is supported before using it.
Return | |
---|---|
MutableSet<String!> |
This value cannot be null . |
getTruncationLengthBits
fun getTruncationLengthBits(): Int
Get the truncation length of this algorithm, in bits
toString
fun toString(): String
Returns a string representation of the object.
Return | |
---|---|
String |
This value cannot be null . |
writeToParcel
fun writeToParcel(
out: Parcel,
flags: Int
): Unit
Write to parcel
Parameters | |
---|---|
dest |
The Parcel in which the object should be written. This value cannot be null . |
flags |
Int: Additional flags about how the object should be written. May be 0 or PARCELABLE_WRITE_RETURN_VALUE . Value is either 0 or a combination of android.os.Parcelable#PARCELABLE_WRITE_RETURN_VALUE , and android.os.Parcelable.PARCELABLE_ELIDE_DUPLICATES |
Properties
CREATOR
static val CREATOR: Parcelable.Creator<IpSecAlgorithm!>
Parcelable Creator