src/java/com/android/internal/net/ipsec/ike/exceptions/InvalidKeException.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

/*
 * Copyright (C) 2019 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.android.internal.net.ipsec.ike.exceptions;

import static android.net.ipsec.ike.exceptions.IkeProtocolException.ERROR_TYPE_INVALID_KE_PAYLOAD;

import android.net.ipsec.ike.exceptions.IkeProtocolException;

/**
 * This exception is thrown when the received KE payload in the request is different from accepted
 * Diffie-Hellman group.
 *
 * <p>Responder should include an INVALID_KE_PAYLOAD Notify payload in a response message for both
 * IKE INI exchange and other SA negotiation exchanges after IKE is setup..
 *
 * @see <a href="https://tools.ietf.org/html/rfc7296#section-1.3">RFC 7296, Internet Key Exchange
 *     Protocol Version 2 (IKEv2)</a>
 */
public final class InvalidKeException extends IkeProtocolException {
    private static final int EXPECTED_ERROR_DATA_LEN = 2;

    /**
     * Construct an instance of InvalidKeException
     *
     * @param dhGroup the expected DH group
     */
    public InvalidKeException(int dhGroup) {
        super(ERROR_TYPE_INVALID_KE_PAYLOAD, integerToByteArray(dhGroup, EXPECTED_ERROR_DATA_LEN));
    }

    /**
     * Construct a instance of InvalidKeException from a notify payload.
     *
     * @param notifyData the notify data included in the payload.
     */
    public InvalidKeException(byte[] notifyData) {
        super(ERROR_TYPE_INVALID_KE_PAYLOAD, notifyData);
    }

    /**
     * Return the expected DH Group included in this exception.
     *
     * @return the expected DH Group.
     */
    public int getDhGroup() {
        return byteArrayToInteger(getErrorData());
    }

    @Override
    protected boolean isValidDataLength(int dataLen) {
        return EXPECTED_ERROR_DATA_LEN == dataLen;
    }
}