Most visited

Recently visited

Results for

Summary: Ctors | Methods | Inherited Methods

Ikev2VpnProfile.Builder

public static final class Ikev2VpnProfile.Builder
extends Object

java.lang.Object
↳	android.net.Ikev2VpnProfile.Builder

A incremental builder for IKEv2 VPN profiles

Summary

Public constructors
`Builder(String serverAddr, String identity)` Creates a new builder with the basic parameters of an IKEv2/IPsec VPN.

Public methods
`Ikev2VpnProfile`	`build()` Validates, builds and provisions the VpnProfile.
`Ikev2VpnProfile.Builder`	`setAllowedAlgorithms(List<String> algorithmNames)` Sets the allowable set of IPsec algorithms If set, this will constrain the set of algorithms that the IPsec tunnel will use for integrity verification and encryption to the provided list.
`Ikev2VpnProfile.Builder`	`setAuthDigitalSignature(X509Certificate userCert, PrivateKey key, X509Certificate serverRootCa)` Set the IKEv2 authentication to use Digital Signature Authentication with the given key.
`Ikev2VpnProfile.Builder`	`setAuthPsk(byte[] psk)` Set the IKEv2 authentication to use Preshared keys.
`Ikev2VpnProfile.Builder`	`setAuthUsernamePassword(String user, String pass, X509Certificate serverRootCa)` Set the IKEv2 authentication to use the provided username/password.
`Ikev2VpnProfile.Builder`	`setBypassable(boolean isBypassable)` Sets whether apps can bypass this VPN connection.
`Ikev2VpnProfile.Builder`	`setMaxMtu(int mtu)` Set the upper bound of the maximum transmission unit (MTU) of the VPN interface.
`Ikev2VpnProfile.Builder`	`setMetered(boolean isMetered)` Marks the VPN network as metered.
`Ikev2VpnProfile.Builder`	`setProxy(ProxyInfo proxy)` Sets a proxy for the VPN network.

Inherited methods

From class


        
          java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long timeout, int nanos)` Causes the current thread to wait until another thread invokes the `notify()` method or the `notifyAll()` method for this object, or some other thread interrupts the current thread, or a certain amount of real time has elapsed.
`final void`	`wait(long timeout)` Causes the current thread to wait until either another thread invokes the `notify()` method or the `notifyAll()` method for this object, or a specified amount of time has elapsed.
`final void`	`wait()` Causes the current thread to wait until another thread invokes the `notify()` method or the `notifyAll()` method for this object.

Public constructors

Builder

public Builder (String serverAddr, 
                String identity)

Creates a new builder with the basic parameters of an IKEv2/IPsec VPN.
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Parameters
`serverAddr`	`String`: the server that the VPN should connect to This value cannot be `null`.
`identity`	`String`: the identity string to be used for IKEv2 authentication This value cannot be `null`.

Public methods

build

public Ikev2VpnProfile build ()

Validates, builds and provisions the VpnProfile.
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Returns
`Ikev2VpnProfile`	This value cannot be `null`.

Throws
`IllegalArgumentException`	if any of the required keys or values were invalid

setAllowedAlgorithms

public Ikev2VpnProfile.Builder setAllowedAlgorithms (List<String> algorithmNames)

Sets the allowable set of IPsec algorithms

If set, this will constrain the set of algorithms that the IPsec tunnel will use for integrity verification and encryption to the provided list.

The set of allowed IPsec algorithms is defined in IpSecAlgorithm. Adding of algorithms that are considered insecure (such as AUTH_HMAC_MD5 and AUTH_HMAC_SHA1) is not permitted, and will result in an IllegalArgumentException being thrown.

The provided algorithm list must contain at least one algorithm that provides Authentication, and one that provides Encryption. Authenticated Encryption with Associated Data (AEAD) algorithms provide both Authentication and Encryption.

By default, this profile will use any algorithm defined in IpSecAlgorithm, with the exception of those considered insecure (as described above).
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Parameters
`algorithmNames`	`List`: the list of supported IPsec algorithms This value cannot be `null`.

Returns
`Ikev2VpnProfile.Builder`	this `Builder` object to facilitate chaining of method calls This value cannot be `null`.

See also:

IpSecAlgorithm

setAuthDigitalSignature

public Ikev2VpnProfile.Builder setAuthDigitalSignature (X509Certificate userCert, 
                PrivateKey key, 
                X509Certificate serverRootCa)

Set the IKEv2 authentication to use Digital Signature Authentication with the given key.

Setting this will configure IKEv2 authentication using a Digital Signature scheme. Only one authentication method may be set. This method will overwrite any previously set authentication method.
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Parameters
`userCert`	`X509Certificate`: the username to be used for RSA Digital signiture authentication This value cannot be `null`.
`key`	`PrivateKey`: the PrivateKey instance associated with the user ceritificate, used for constructing the signature This value cannot be `null`.
`serverRootCa`	`X509Certificate`: the root certificate to be used for verifying the identity of the server This value may be `null`.

Returns
`Ikev2VpnProfile.Builder`	this `Builder` object to facilitate chaining of method calls This value cannot be `null`.

Throws
`IllegalArgumentException`	if any of the certificates were invalid or of an unrecognized format

setAuthPsk

public Ikev2VpnProfile.Builder setAuthPsk (byte[] psk)

Set the IKEv2 authentication to use Preshared keys.

Setting this will configure IKEv2 authentication using a Preshared Key. Only one authentication method may be set. This method will overwrite any previously set authentication method.
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Parameters
`psk`	`byte`: the key to be used for Pre-Shared Key authentication This value cannot be `null`.

Returns
`Ikev2VpnProfile.Builder`	this `Builder` object to facilitate chaining of method calls This value cannot be `null`.

setAuthUsernamePassword

public Ikev2VpnProfile.Builder setAuthUsernamePassword (String user, 
                String pass, 
                X509Certificate serverRootCa)

Set the IKEv2 authentication to use the provided username/password.

Setting this will configure IKEv2 authentication using EAP-MSCHAPv2. Only one authentication method may be set. This method will overwrite any previously set authentication method.
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Parameters
`user`	`String`: the username to be used for EAP-MSCHAPv2 authentication This value cannot be `null`.
`pass`	`String`: the password to be used for EAP-MSCHAPv2 authentication This value cannot be `null`.
`serverRootCa`	`X509Certificate`: the root certificate to be used for verifying the identity of the server This value may be `null`.

Returns
`Ikev2VpnProfile.Builder`	this `Builder` object to facilitate chaining of method calls This value cannot be `null`.

Throws
`IllegalArgumentException`	if any of the certificates were invalid or of an unrecognized format

setBypassable

public Ikev2VpnProfile.Builder setBypassable (boolean isBypassable)

Sets whether apps can bypass this VPN connection.

By default, all traffic from apps are forwarded through the VPN interface and it is not possible for unprivileged apps to side-step the VPN. If a VPN is set to bypassable, apps may use methods such as Network#getSocketFactory or Network#openConnection to instead send/receive directly over the underlying network or any other network they have permissions for.
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Parameters
`isBypassable`	`boolean`: Whether or not the VPN should be considered bypassable. Defaults to `false`.

Returns
`Ikev2VpnProfile.Builder`	this `Builder` object to facilitate chaining of method calls This value cannot be `null`.

setMaxMtu

public Ikev2VpnProfile.Builder setMaxMtu (int mtu)

Set the upper bound of the maximum transmission unit (MTU) of the VPN interface.

If it is not set, a safe value will be used. Additionally, the actual link MTU will be dynamically calculated/updated based on the underlying link's mtu.
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Parameters
`mtu`	`int`: the MTU (in bytes) of the VPN interface

Returns
`Ikev2VpnProfile.Builder`	this `Builder` object to facilitate chaining of method calls This value cannot be `null`.

Throws
`IllegalArgumentException`	if the value is not at least the minimum IPv6 MTU (1280)

setMetered

public Ikev2VpnProfile.Builder setMetered (boolean isMetered)

Marks the VPN network as metered.

A VPN network is classified as metered when the user is sensitive to heavy data usage due to monetary costs and/or data limitations. In such cases, you should set this to true so that apps on the system can avoid doing large data transfers. Otherwise, set this to false. Doing so would cause VPN network to inherit its meteredness from the underlying network.
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Parameters
`isMetered`	`boolean`: `true` if the VPN network should be treated as metered regardless of underlying network meteredness. Defaults to `true`.

Returns
`Ikev2VpnProfile.Builder`	this `Builder` object to facilitate chaining of method calls This value cannot be `null`.

See also:

NetworkCapabilities.NET_CAPABILITY_NOT_METERED

setProxy

public Ikev2VpnProfile.Builder setProxy (ProxyInfo proxy)

Sets a proxy for the VPN network.

Note that this proxy is only a recommendation and it may be ignored by apps.
Requires the PackageManager#FEATURE_IPSEC_TUNNELS feature which can be detected using PackageManager.hasSystemFeature(String).

Parameters
`proxy`	`ProxyInfo`: the ProxyInfo to be set for the VPN network This value may be `null`.

Returns
`Ikev2VpnProfile.Builder`	this `Builder` object to facilitate chaining of method calls This value cannot be `null`.

Interfaces

Classes

Enums

Exceptions

Most visited

Recently visited

Results for

Ikev2VpnProfile.Builder

Summary

Public constructors

Public methods

Inherited methods

Public constructors

Builder

Public methods

build

setAllowedAlgorithms

setAuthDigitalSignature

setAuthPsk

setAuthUsernamePassword

setBypassable

setMaxMtu

setMetered

setProxy