Google Git
Sign in
android / platform / frameworks / base / ef7605be2ebbaab97e65ff7597b0ca21fb6df7e3 / . / services / core / java / com / android / server / connectivity / VpnIkev2Utils.java
blob: 626303001ba0b22e47c6bb2414da08a15e5dc61c [file] [log] [blame]
/*
* Copyright (C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.server.connectivity;
import static android.net.ConnectivityManager.NetworkCallback;
import static android.net.ipsec.ike.SaProposal.DH_GROUP_2048_BIT_MODP;
import static android.net.ipsec.ike.SaProposal.ENCRYPTION_ALGORITHM_AES_CBC;
import static android.net.ipsec.ike.SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_12;
import static android.net.ipsec.ike.SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_16;
import static android.net.ipsec.ike.SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_8;
import static android.net.ipsec.ike.SaProposal.INTEGRITY_ALGORITHM_AES_XCBC_96;
import static android.net.ipsec.ike.SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA2_256_128;
import static android.net.ipsec.ike.SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA2_384_192;
import static android.net.ipsec.ike.SaProposal.INTEGRITY_ALGORITHM_HMAC_SHA2_512_256;
import static android.net.ipsec.ike.SaProposal.KEY_LEN_AES_128;
import static android.net.ipsec.ike.SaProposal.KEY_LEN_AES_192;
import static android.net.ipsec.ike.SaProposal.KEY_LEN_AES_256;
import static android.net.ipsec.ike.SaProposal.PSEUDORANDOM_FUNCTION_AES128_XCBC;
import static android.net.ipsec.ike.SaProposal.PSEUDORANDOM_FUNCTION_HMAC_SHA1;
import android.annotation.NonNull;
import android.content.Context;
import android.net.Ikev2VpnProfile;
import android.net.InetAddresses;
import android.net.IpPrefix;
import android.net.IpSecAlgorithm;
import android.net.IpSecTransform;
import android.net.Network;
import android.net.RouteInfo;
import android.net.eap.EapSessionConfig;
import android.net.ipsec.ike.ChildSaProposal;
import android.net.ipsec.ike.ChildSessionCallback;
import android.net.ipsec.ike.ChildSessionConfiguration;
import android.net.ipsec.ike.ChildSessionParams;
import android.net.ipsec.ike.IkeFqdnIdentification;
import android.net.ipsec.ike.IkeIdentification;
import android.net.ipsec.ike.IkeIpv4AddrIdentification;
import android.net.ipsec.ike.IkeIpv6AddrIdentification;
import android.net.ipsec.ike.IkeKeyIdIdentification;
import android.net.ipsec.ike.IkeRfc822AddrIdentification;
import android.net.ipsec.ike.IkeSaProposal;
import android.net.ipsec.ike.IkeSessionCallback;
import android.net.ipsec.ike.IkeSessionConfiguration;
import android.net.ipsec.ike.IkeSessionParams;
import android.net.ipsec.ike.IkeTrafficSelector;
import android.net.ipsec.ike.TunnelModeChildSessionParams;
import android.net.ipsec.ike.exceptions.IkeException;
import android.net.ipsec.ike.exceptions.IkeProtocolException;
import android.net.util.IpRange;
import android.system.OsConstants;
import android.util.Log;
import com.android.internal.net.VpnProfile;
import com.android.internal.util.HexDump;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
/**
* Utility class to build and convert IKEv2/IPsec parameters.
*
* @hide
*/
public class VpnIkev2Utils {
private static final String TAG = VpnIkev2Utils.class.getSimpleName();
// TODO: Use IKE library exposed constants when @SystemApi is updated.
/** IANA-defined 3072 group for use in IKEv2 */
private static final int DH_GROUP_3072_BIT_MODP = 15;
/** IANA-defined 4096 group for use in IKEv2 */
private static final int DH_GROUP_4096_BIT_MODP = 16;
static IkeSessionParams buildIkeSessionParams(
@NonNull Context context, @NonNull Ikev2VpnProfile profile, @NonNull Network network) {
final IkeIdentification localId = parseIkeIdentification(profile.getUserIdentity());
final IkeIdentification remoteId = parseIkeIdentification(profile.getServerAddr());
final IkeSessionParams.Builder ikeOptionsBuilder =
new IkeSessionParams.Builder(context)
.setServerHostname(profile.getServerAddr())
.setNetwork(network)
.setLocalIdentification(localId)
.setRemoteIdentification(remoteId);
setIkeAuth(profile, ikeOptionsBuilder);
for (final IkeSaProposal ikeProposal : getIkeSaProposals()) {
ikeOptionsBuilder.addSaProposal(ikeProposal);
}
return ikeOptionsBuilder.build();
}
static ChildSessionParams buildChildSessionParams(List<String> allowedAlgorithms) {
final TunnelModeChildSessionParams.Builder childOptionsBuilder =
new TunnelModeChildSessionParams.Builder();
for (final ChildSaProposal childProposal : getChildSaProposals(allowedAlgorithms)) {
childOptionsBuilder.addSaProposal(childProposal);
}
childOptionsBuilder.addInternalAddressRequest(OsConstants.AF_INET);
childOptionsBuilder.addInternalAddressRequest(OsConstants.AF_INET6);
childOptionsBuilder.addInternalDnsServerRequest(OsConstants.AF_INET);
childOptionsBuilder.addInternalDnsServerRequest(OsConstants.AF_INET6);
return childOptionsBuilder.build();
}
private static void setIkeAuth(
@NonNull Ikev2VpnProfile profile, @NonNull IkeSessionParams.Builder builder) {
switch (profile.getType()) {
case VpnProfile.TYPE_IKEV2_IPSEC_USER_PASS:
final EapSessionConfig eapConfig =
new EapSessionConfig.Builder()
.setEapMsChapV2Config(profile.getUsername(), profile.getPassword())
.build();
builder.setAuthEap(profile.getServerRootCaCert(), eapConfig);
break;
case VpnProfile.TYPE_IKEV2_IPSEC_PSK:
builder.setAuthPsk(profile.getPresharedKey());
break;
case VpnProfile.TYPE_IKEV2_IPSEC_RSA:
builder.setAuthDigitalSignature(
profile.getServerRootCaCert(),
profile.getUserCert(),
profile.getRsaPrivateKey());
break;
default:
throw new IllegalArgumentException("Unknown auth method set");
}
}
private static List<IkeSaProposal> getIkeSaProposals() {
// TODO: Add ability to filter this when IKEv2 API is made Public API
final List<IkeSaProposal> proposals = new ArrayList<>();
// Encryption Algorithms: Currently only AES_CBC is supported.
final IkeSaProposal.Builder normalModeBuilder = new IkeSaProposal.Builder();
// Currently only AES_CBC is supported.
normalModeBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_CBC, KEY_LEN_AES_256);
normalModeBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_CBC, KEY_LEN_AES_192);
normalModeBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_CBC, KEY_LEN_AES_128);
// Authentication/Integrity Algorithms
normalModeBuilder.addIntegrityAlgorithm(INTEGRITY_ALGORITHM_HMAC_SHA2_512_256);
normalModeBuilder.addIntegrityAlgorithm(INTEGRITY_ALGORITHM_HMAC_SHA2_384_192);
normalModeBuilder.addIntegrityAlgorithm(INTEGRITY_ALGORITHM_HMAC_SHA2_256_128);
normalModeBuilder.addIntegrityAlgorithm(INTEGRITY_ALGORITHM_AES_XCBC_96);
// Add AEAD options
final IkeSaProposal.Builder aeadBuilder = new IkeSaProposal.Builder();
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_16, KEY_LEN_AES_256);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_12, KEY_LEN_AES_256);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_8, KEY_LEN_AES_256);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_16, KEY_LEN_AES_192);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_12, KEY_LEN_AES_192);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_8, KEY_LEN_AES_192);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_16, KEY_LEN_AES_128);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_12, KEY_LEN_AES_128);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_8, KEY_LEN_AES_128);
// Add dh, prf for both builders
for (final IkeSaProposal.Builder builder : Arrays.asList(normalModeBuilder, aeadBuilder)) {
builder.addDhGroup(DH_GROUP_4096_BIT_MODP);
builder.addDhGroup(DH_GROUP_3072_BIT_MODP);
builder.addDhGroup(DH_GROUP_2048_BIT_MODP);
builder.addPseudorandomFunction(PSEUDORANDOM_FUNCTION_AES128_XCBC);
builder.addPseudorandomFunction(PSEUDORANDOM_FUNCTION_HMAC_SHA1);
}
proposals.add(normalModeBuilder.build());
proposals.add(aeadBuilder.build());
return proposals;
}
/** Builds a child SA proposal based on the allowed IPsec algorithms */
private static List<ChildSaProposal> getChildSaProposals(List<String> allowedAlgorithms) {
final List<ChildSaProposal> proposals = new ArrayList<>();
// Add non-AEAD options
if (Ikev2VpnProfile.hasNormalModeAlgorithms(allowedAlgorithms)) {
final ChildSaProposal.Builder normalModeBuilder = new ChildSaProposal.Builder();
// Encryption Algorithms:
// AES-CBC is currently the only supported encryption algorithm.
normalModeBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_CBC, KEY_LEN_AES_256);
normalModeBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_CBC, KEY_LEN_AES_192);
normalModeBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_CBC, KEY_LEN_AES_128);
// Authentication/Integrity Algorithms:
// Guaranteed by Ikev2VpnProfile constructor to contain at least one of these.
if (allowedAlgorithms.contains(IpSecAlgorithm.AUTH_HMAC_SHA512)) {
normalModeBuilder.addIntegrityAlgorithm(INTEGRITY_ALGORITHM_HMAC_SHA2_512_256);
}
if (allowedAlgorithms.contains(IpSecAlgorithm.AUTH_HMAC_SHA384)) {
normalModeBuilder.addIntegrityAlgorithm(INTEGRITY_ALGORITHM_HMAC_SHA2_384_192);
}
if (allowedAlgorithms.contains(IpSecAlgorithm.AUTH_HMAC_SHA256)) {
normalModeBuilder.addIntegrityAlgorithm(INTEGRITY_ALGORITHM_HMAC_SHA2_256_128);
}
ChildSaProposal proposal = normalModeBuilder.build();
if (proposal.getIntegrityAlgorithms().isEmpty()) {
// Should be impossible; Verified in Ikev2VpnProfile.
Log.wtf(TAG, "Missing integrity algorithm when buildling Child SA proposal");
} else {
proposals.add(normalModeBuilder.build());
}
}
// Add AEAD options
if (Ikev2VpnProfile.hasAeadAlgorithms(allowedAlgorithms)) {
final ChildSaProposal.Builder aeadBuilder = new ChildSaProposal.Builder();
// AES-GCM is currently the only supported AEAD algorithm
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_16, KEY_LEN_AES_256);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_12, KEY_LEN_AES_256);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_8, KEY_LEN_AES_256);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_16, KEY_LEN_AES_192);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_12, KEY_LEN_AES_192);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_8, KEY_LEN_AES_192);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_16, KEY_LEN_AES_128);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_12, KEY_LEN_AES_128);
aeadBuilder.addEncryptionAlgorithm(ENCRYPTION_ALGORITHM_AES_GCM_8, KEY_LEN_AES_128);
proposals.add(aeadBuilder.build());
}
return proposals;
}
static class IkeSessionCallbackImpl implements IkeSessionCallback {
private final String mTag;
private final Vpn.IkeV2VpnRunnerCallback mCallback;
private final Network mNetwork;
IkeSessionCallbackImpl(String tag, Vpn.IkeV2VpnRunnerCallback callback, Network network) {
mTag = tag;
mCallback = callback;
mNetwork = network;
}
@Override
public void onOpened(@NonNull IkeSessionConfiguration ikeSessionConfig) {
Log.d(mTag, "IkeOpened for network " + mNetwork);
// Nothing to do here.
}
@Override
public void onClosed() {
Log.d(mTag, "IkeClosed for network " + mNetwork);
mCallback.onSessionLost(mNetwork, null); // Server requested session closure. Retry?
}
@Override
public void onClosedExceptionally(@NonNull IkeException exception) {
Log.d(mTag, "IkeClosedExceptionally for network " + mNetwork, exception);
mCallback.onSessionLost(mNetwork, exception);
}
@Override
public void onError(@NonNull IkeProtocolException exception) {
Log.d(mTag, "IkeError for network " + mNetwork, exception);
// Non-fatal, log and continue.
}
}
static class ChildSessionCallbackImpl implements ChildSessionCallback {
private final String mTag;
private final Vpn.IkeV2VpnRunnerCallback mCallback;
private final Network mNetwork;
ChildSessionCallbackImpl(String tag, Vpn.IkeV2VpnRunnerCallback callback, Network network) {
mTag = tag;
mCallback = callback;
mNetwork = network;
}
@Override
public void onOpened(@NonNull ChildSessionConfiguration childConfig) {
Log.d(mTag, "ChildOpened for network " + mNetwork);
mCallback.onChildOpened(mNetwork, childConfig);
}
@Override
public void onClosed() {
Log.d(mTag, "ChildClosed for network " + mNetwork);
mCallback.onSessionLost(mNetwork, null);
}
@Override
public void onClosedExceptionally(@NonNull IkeException exception) {
Log.d(mTag, "ChildClosedExceptionally for network " + mNetwork, exception);
mCallback.onSessionLost(mNetwork, exception);
}
@Override
public void onIpSecTransformCreated(@NonNull IpSecTransform transform, int direction) {
Log.d(mTag, "ChildTransformCreated; Direction: " + direction + "; network " + mNetwork);
mCallback.onChildTransformCreated(mNetwork, transform, direction);
}
@Override
public void onIpSecTransformDeleted(@NonNull IpSecTransform transform, int direction) {
// Nothing to be done; no references to the IpSecTransform are held by the
// Ikev2VpnRunner (or this callback class), and this transform will be closed by the
// IKE library.
Log.d(mTag,
"ChildTransformDeleted; Direction: " + direction + "; for network " + mNetwork);
}
}
static class Ikev2VpnNetworkCallback extends NetworkCallback {
private final String mTag;
private final Vpn.IkeV2VpnRunnerCallback mCallback;
Ikev2VpnNetworkCallback(String tag, Vpn.IkeV2VpnRunnerCallback callback) {
mTag = tag;
mCallback = callback;
}
@Override
public void onAvailable(@NonNull Network network) {
Log.d(mTag, "Starting IKEv2/IPsec session on new network: " + network);
mCallback.onDefaultNetworkChanged(network);
}
@Override
public void onLost(@NonNull Network network) {
Log.d(mTag, "Tearing down; lost network: " + network);
mCallback.onSessionLost(network, null);
}
}
/**
* Identity parsing logic using similar logic to open source implementations of IKEv2
*
* <p>This method does NOT support using type-prefixes (eg 'fqdn:' or 'keyid'), or ASN.1 encoded
* identities.
*/
private static IkeIdentification parseIkeIdentification(@NonNull String identityStr) {
// TODO: Add identity formatting to public API javadocs.
if (identityStr.contains("@")) {
if (identityStr.startsWith("@#")) {
// KEY_ID
final String hexStr = identityStr.substring(2);
return new IkeKeyIdIdentification(HexDump.hexStringToByteArray(hexStr));
} else if (identityStr.startsWith("@@")) {
// RFC822 (USER_FQDN)
return new IkeRfc822AddrIdentification(identityStr.substring(2));
} else if (identityStr.startsWith("@")) {
// FQDN
return new IkeFqdnIdentification(identityStr.substring(1));
} else {
// RFC822 (USER_FQDN)
return new IkeRfc822AddrIdentification(identityStr);
}
} else if (InetAddresses.isNumericAddress(identityStr)) {
final InetAddress addr = InetAddresses.parseNumericAddress(identityStr);
if (addr instanceof Inet4Address) {
// IPv4
return new IkeIpv4AddrIdentification((Inet4Address) addr);
} else if (addr instanceof Inet6Address) {
// IPv6
return new IkeIpv6AddrIdentification((Inet6Address) addr);
} else {
throw new IllegalArgumentException("IP version not supported");
}
} else {
if (identityStr.contains(":")) {
// KEY_ID
return new IkeKeyIdIdentification(identityStr.getBytes());
} else {
// FQDN
return new IkeFqdnIdentification(identityStr);
}
}
}
static Collection<RouteInfo> getRoutesFromTrafficSelectors(
List<IkeTrafficSelector> trafficSelectors) {
final HashSet<RouteInfo> routes = new HashSet<>();
for (final IkeTrafficSelector selector : trafficSelectors) {
for (final IpPrefix prefix :
new IpRange(selector.startingAddress, selector.endingAddress).asIpPrefixes()) {
routes.add(new RouteInfo(prefix, null));
}
}
return routes;
}
}