1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package android.net.ipsec.ike.exceptions; 17 18 import android.annotation.NonNull; 19 import android.net.ipsec.ike.ChildSessionCallback; 20 import android.net.ipsec.ike.IkeSessionCallback; 21 22 import java.util.Objects; 23 24 /** 25 * This exception is thrown if the remote server received an IPsec packet with mismatched selectors. 26 * 27 * <p>This exception indicates that the remote server received an IPsec packet whose selectors do 28 * not match those of the IPsec SA on which it was delivered. The error data contains the start of 29 * the offending packet (as in ICMP messages), which is the IP header plus the first 64 bits of the 30 * original datagram's data. 31 * 32 * @see <a href="https://tools.ietf.org/html/rfc7296#section-3.10.1">RFC 7296, Internet Key Exchange 33 * Protocol Version 2 (IKEv2)</a> 34 */ 35 public final class InvalidSelectorsException extends IkeProtocolException { 36 // Minimum IP header length plus 64 bits 37 private static final int EXPECTED_ERROR_DATA_LEN_MIN = 28; 38 39 private final int mIpSecSpi; 40 private final byte[] mIpSecPacketInfo; 41 42 /** 43 * Construct an instance of InvalidSelectorsException. 44 * 45 * <p>Except for testing, IKE library users normally do not instantiate this object themselves 46 * but instead get a reference via {@link IkeSessionCallback} or {@link ChildSessionCallback} 47 * 48 * @param spi the SPI of the IPsec SA that delivered the packet with mismtached selectors. 49 * @param packetInfo the IP header plus the first 64 bits of the packet that has mismtached 50 * selectors. 51 */ InvalidSelectorsException(int spi, @NonNull byte[] packetInfo)52 public InvalidSelectorsException(int spi, @NonNull byte[] packetInfo) { 53 super(ERROR_TYPE_INVALID_SELECTORS, packetInfo); 54 Objects.requireNonNull(packetInfo, "packetInfo is null"); 55 mIpSecSpi = spi; 56 mIpSecPacketInfo = packetInfo.clone(); 57 } 58 59 /** @hide */ 60 @Override isValidDataLength(int dataLen)61 protected boolean isValidDataLength(int dataLen) { 62 return EXPECTED_ERROR_DATA_LEN_MIN <= dataLen; 63 } 64 65 /** Returns the SPI of the IPsec SA that delivered the packet with mismtached selectors. */ getIpSecSpi()66 public int getIpSecSpi() { 67 return mIpSecSpi; 68 } 69 70 /** Returns the IP header plus the first 64 bits of the packet that has mismtached selectors. */ 71 @NonNull getIpSecPacketInfo()72 public byte[] getIpSecPacketInfo() { 73 return mIpSecPacketInfo; 74 } 75 } 76