Google Git
Sign in
android / platform / prebuilts / fullsdk / sources / android-31 / refs/heads/androidx-main / . / android / telephony / gba / TlsParams.java
blob: 922f4bbb4dbfa63dc25e37f6fc5f8df7ed8b2ddf [file] [log] [blame]
/*
* Copyright 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.telephony.gba;
import android.annotation.IntDef;
import android.annotation.SystemApi;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.util.Arrays;
/**
* Defines the TLS parameters for GBA as per IANA and TS 33.210, which are used
* by some UA security protocol identifiers defined in 3GPP TS 33.220 Annex H,
* and 3GPP TS 33.222.
*
* @hide
*/
@SystemApi
public class TlsParams {
private TlsParams() {}
/**
* TLS protocol version supported by GBA
*/
public static final int PROTOCOL_VERSION_TLS_1_2 = 0x0303;
public static final int PROTOCOL_VERSION_TLS_1_3 = 0x0304;
/**
* TLS cipher suites are used to create {@link UaSecurityProtocolIdentifier}
* by {@link UaSecurityProtocolIdentifier#create3GppUaSpId}
*
* @hide
*/
@Retention(RetentionPolicy.SOURCE)
@IntDef(
prefix = {"TLS_"},
value = {
TLS_NULL_WITH_NULL_NULL,
TLS_RSA_WITH_NULL_MD5,
TLS_RSA_WITH_NULL_SHA,
TLS_RSA_WITH_RC4_128_MD5,
TLS_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA,
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_DH_ANON_WITH_RC4_128_MD5,
TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DH_DSS_WITH_AES_128_CBC_SHA,
TLS_DH_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DH_ANON_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_DH_DSS_WITH_AES_256_CBC_SHA,
TLS_DH_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DH_ANON_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_NULL_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_DH_DSS_WITH_AES_128_CBC_SHA256,
TLS_DH_RSA_WITH_AES_128_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_DH_DSS_WITH_AES_256_CBC_SHA256,
TLS_DH_RSA_WITH_AES_256_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
TLS_DH_ANON_WITH_AES_128_CBC_SHA256,
TLS_DH_ANON_WITH_AES_256_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
TLS_AES_128_GCM_SHA256,
TLS_AES_256_GCM_SHA384,
TLS_CHACHA20_POLY1305_SHA256,
TLS_AES_128_CCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_128_CCM,
TLS_DHE_RSA_WITH_AES_256_CCM,
TLS_DHE_PSK_WITH_AES_128_CCM,
TLS_DHE_PSK_WITH_AES_256_CCM,
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256
})
public @interface TlsCipherSuite {}
// Cipher suites for TLS v1.2 per RFC5246
public static final int TLS_NULL_WITH_NULL_NULL = 0x0000;
public static final int TLS_RSA_WITH_NULL_MD5 = 0x0001;
public static final int TLS_RSA_WITH_NULL_SHA = 0x0002;
public static final int TLS_RSA_WITH_RC4_128_MD5 = 0x0004;
public static final int TLS_RSA_WITH_RC4_128_SHA = 0x0005;
public static final int TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A;
public static final int TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D;
public static final int TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010;
public static final int TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013;
public static final int TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016;
public static final int TLS_DH_ANON_WITH_RC4_128_MD5 = 0x0018;
public static final int TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA = 0x001B;
public static final int TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F;
public static final int TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030;
public static final int TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031;
public static final int TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032;
public static final int TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033;
public static final int TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034;
public static final int TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035;
public static final int TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036;
public static final int TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037;
public static final int TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038;
public static final int TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039;
public static final int TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A;
public static final int TLS_RSA_WITH_NULL_SHA256 = 0x003B;
public static final int TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C;
public static final int TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D;
public static final int TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E;
public static final int TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F;
public static final int TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040;
public static final int TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067;
public static final int TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068;
public static final int TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069;
public static final int TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A;
public static final int TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B;
public static final int TLS_DH_ANON_WITH_AES_128_CBC_SHA256 = 0x006C;
public static final int TLS_DH_ANON_WITH_AES_256_CBC_SHA256 = 0x006D;
// Cipher suites for TLS v1.3 per RFC8446 and recommended by IANA
public static final int TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E;
public static final int TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F;
public static final int TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA;
public static final int TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB;
public static final int TLS_AES_128_GCM_SHA256 = 0x1301;
public static final int TLS_AES_256_GCM_SHA384 = 0x1302;
public static final int TLS_CHACHA20_POLY1305_SHA256 = 0x1303;
public static final int TLS_AES_128_CCM_SHA256 = 0x1304;
public static final int TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B;
public static final int TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C;
public static final int TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F;
public static final int TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030;
public static final int TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E;
public static final int TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F;
public static final int TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6;
public static final int TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7;
public static final int TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8;
public static final int TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9;
public static final int TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA;
public static final int TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC;
public static final int TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD;
public static final int TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 = 0xD001;
public static final int TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 = 0xD002;
public static final int TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 = 0xD005;
private static final int[] CS_EXPECTED = {
TLS_NULL_WITH_NULL_NULL,
TLS_RSA_WITH_NULL_MD5,
TLS_RSA_WITH_NULL_SHA,
TLS_RSA_WITH_RC4_128_MD5,
TLS_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA,
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_DH_ANON_WITH_RC4_128_MD5,
TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DH_DSS_WITH_AES_128_CBC_SHA,
TLS_DH_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DH_ANON_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_DH_DSS_WITH_AES_256_CBC_SHA,
TLS_DH_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DH_ANON_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_NULL_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_DH_DSS_WITH_AES_128_CBC_SHA256,
TLS_DH_RSA_WITH_AES_128_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_DH_DSS_WITH_AES_256_CBC_SHA256,
TLS_DH_RSA_WITH_AES_256_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
TLS_DH_ANON_WITH_AES_128_CBC_SHA256,
TLS_DH_ANON_WITH_AES_256_CBC_SHA256,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
TLS_AES_128_GCM_SHA256,
TLS_AES_256_GCM_SHA384,
TLS_CHACHA20_POLY1305_SHA256,
TLS_AES_128_CCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_128_CCM,
TLS_DHE_RSA_WITH_AES_256_CCM,
TLS_DHE_PSK_WITH_AES_128_CCM,
TLS_DHE_PSK_WITH_AES_256_CCM,
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256
};
/**
* TLS supported groups required by TS 33.210
*/
public static final int GROUP_SECP256R1 = 23;
public static final int GROUP_SECP384R1 = 24;
public static final int GROUP_X25519 = 29;
public static final int GROUP_X448 = 30;
/**
* Signature algorithms shall be supported as per TS 33.210
*/
public static final int SIG_RSA_PKCS1_SHA1 = 0X0201;
public static final int SIG_ECDSA_SHA1 = 0X0203;
public static final int SIG_RSA_PKCS1_SHA256 = 0X0401;
public static final int SIG_ECDSA_SECP256R1_SHA256 = 0X0403;
public static final int SIG_RSA_PKCS1_SHA256_LEGACY = 0X0420;
public static final int SIG_RSA_PKCS1_SHA384 = 0X0501;
public static final int SIG_ECDSA_SECP384R1_SHA384 = 0X0503;
public static final int SIG_RSA_PKCS1_SHA384_LEGACY = 0X0520;
public static final int SIG_RSA_PKCS1_SHA512 = 0X0601;
public static final int SIG_ECDSA_SECP521R1_SHA512 = 0X0603;
public static final int SIG_RSA_PKCS1_SHA512_LEGACY = 0X0620;
public static final int SIG_RSA_PSS_RSAE_SHA256 = 0X0804;
public static final int SIG_RSA_PSS_RSAE_SHA384 = 0X0805;
public static final int SIG_RSA_PSS_RSAE_SHA512 = 0X0806;
public static final int SIG_ECDSA_BRAINPOOLP256R1TLS13_SHA256 = 0X081A;
public static final int SIG_ECDSA_BRAINPOOLP384R1TLS13_SHA384 = 0X081B;
public static final int SIG_ECDSA_BRAINPOOLP512R1TLS13_SHA512 = 0X081C;
/**
* Returns whether the TLS cipher suite id is supported
*/
public static boolean isTlsCipherSuiteSupported(int csId) {
return Arrays.binarySearch(CS_EXPECTED, csId) >= 0;
}
}