IkeSessionParams

IKE_DPD_DELAY_SEC_DISABLED

static val IKE_DPD_DELAY_SEC_DISABLED: Int

Setting timer to this value will disable the Dead Peer Detection(DPD).

@see Builder.setDpdDelaySeconds

Value: 2147483647

IKE_OPTION_ACCEPT_ANY_REMOTE_ID

static val IKE_OPTION_ACCEPT_ANY_REMOTE_ID: Int

If set, the IKE library will accept any remote (server) identity, even if it does not match the configured remote identity

See Builder.setRemoteIdentification(IkeIdentification)

Value: 0

IKE_OPTION_EAP_ONLY_AUTH

static val IKE_OPTION_EAP_ONLY_AUTH: Int

If set, and EAP has been configured as the authentication method, the IKE library will request that the remote (also) use an EAP-only authentication flow.

@see Builder.setAuthEap(X509Certificate,EapSessionConfig)

Value: 1

IKE_OPTION_FORCE_PORT_4500

static val IKE_OPTION_FORCE_PORT_4500: Int

Configures the IKE session to always send to port 4500.

If set, the IKE Session will be initiated and maintained exclusively using destination port 4500, regardless of the presence of NAT. Otherwise, the IKE Session will be initiated on destination port 500; then, if either a NAT is detected or both MOBIKE and NAT-T are supported by the peer, it will proceed on port 4500.

Value: 3

IKE_OPTION_INITIAL_CONTACT

static val IKE_OPTION_INITIAL_CONTACT: Int

If set, the IKE library will send INITIAL_CONTACT notification to the peers.

If this option is set, the INITIAL_CONTACT notification payload is sent in IKE_AUTH. The client can use this option to assert to the peer that this IKE SA is the only IKE SA currently active between the authenticated identities.

@see "https://tools.ietf.org/html/rfc7296#section-2.4" RFC 7296, Internet Key Exchange Protocol Version 2 (IKEv2)

@see Builder.addIkeOption(int)

Value: 4

IKE_OPTION_MOBIKE

static val IKE_OPTION_MOBIKE: Int

If set, the IKE Session will attempt to handle IP address changes using RFC4555 MOBIKE.

Upon IP address changes (including Network changes), the IKE session will initiate an RFC 4555 MOBIKE procedure, migrating both this IKE Session and associated IPsec Transforms to the new local and remote address pair.

The IKE library will first attempt to enable MOBIKE to handle the changes of underlying network and addresses. For callers targeting SDK android.os.Build.VERSION_CODES#S_V2 and earlier, this option will implicitly enable the support for rekey-based mobility, and thus if the server does not support MOBIKE, the IKE Session will try migration by rekeying all associated IPsec SAs. This rekey-based mobility feature is not best-practice and has technical issues; accordingly, it will no longer be enabled for callers targeting SDK android.os.Build.VERSION_CODES#TIRAMISU and above.

Checking whether or not MOBIKE is supported by both the IKE library and the server in an IKE Session is done via IkeSessionConfiguration.isIkeExtensionEnabled(int).

It is recommended that IKE_OPTION_MOBIKE be enabled unless precluded for compatibility reasons.

If this option is set for an IKE Session, Transport-mode SAs will not be allowed in that Session.

Callers that need to perform migration of IPsec transforms and tunnels MUST implement migration specific methods in IkeSessionCallback and ChildSessionCallback.

Value: 2

equals

fun equals(other: Any?): Boolean

Indicates whether some other object is "equal to" this one.

The equals method implements an equivalence relation on non-null object references:

• It is reflexive: for any non-null reference value x, x.equals(x) should return true.
• It is symmetric: for any non-null reference values x and y, x.equals(y) should return true if and only if y.equals(x) returns true.
• It is transitive: for any non-null reference values x, y, and z, if x.equals(y) returns true and y.equals(z) returns true, then x.equals(z) should return true.
• It is consistent: for any non-null reference values x and y, multiple invocations of x.equals(y) consistently return true or consistently return false, provided no information used in equals comparisons on the objects is modified.
• For any non-null reference value x, x.equals(null) should return false.

An equivalence relation partitions the elements it operates on into equivalence classes; all the members of an equivalence class are equal to each other. Members of an equivalence class are substitutable for each other, at least for some purposes.

getDpdDelaySeconds

fun getDpdDelaySeconds(): Int

Retrieves the Dead Peer Detection(DPD) delay in seconds

getHardLifetimeSeconds

fun getHardLifetimeSeconds(): Int

Retrieves hard lifetime in seconds

getIkeOptions

fun getIkeOptions(): MutableSet<Int!>

Return all the enabled IKE Options

getIkeSaProposals

fun getIkeSaProposals(): MutableList<IkeSaProposal!>

Retrieves all IkeSaProposals configured

getLocalAuthConfig

fun getLocalAuthConfig(): IkeSessionParams.IkeAuthConfig

Retrieves the local (client) authentication configuration

getLocalIdentification

fun getLocalIdentification(): IkeIdentification

Retrieves the local (client) identity

getNattKeepAliveDelaySeconds

fun getNattKeepAliveDelaySeconds(): Int

Retrieves the Network Address Translation Traversal (NATT) keepalive delay in seconds

getNetwork

fun getNetwork(): Network?

Retrieves the configured Network, or null if was not set.

@see Builder.setNetwork(Network)

getRemoteAuthConfig

fun getRemoteAuthConfig(): IkeSessionParams.IkeAuthConfig

Retrieves the remote (server) authentication configuration

getRemoteIdentification

fun getRemoteIdentification(): IkeIdentification

Retrieves the required remote (server) identity

getRetransmissionTimeoutsMillis

fun getRetransmissionTimeoutsMillis(): IntArray

Retrieves the relative retransmission timeout list in milliseconds

@see Builder.setRetransmissionTimeoutsMillis(int[])

getServerHostname

fun getServerHostname(): String

Retrieves the configured server hostname

The configured server hostname will be resolved during IKE Session creation.

getSoftLifetimeSeconds

fun getSoftLifetimeSeconds(): Int

Retrieves soft lifetime in seconds

hasIkeOption

fun hasIkeOption(ikeOption: Int): Boolean

Checks if the given IKE Session negotiation option is set

hashCode

fun hashCode(): Int

Returns a hash code value for the object. This method is supported for the benefit of hash tables such as those provided by java.util.HashMap.

The general contract of hashCode is:

• Whenever it is invoked on the same object more than once during an execution of a Java application, the hashCode method must consistently return the same integer, provided no information used in equals comparisons on the object is modified. This integer need not remain consistent from one execution of an application to another execution of the same application.
• If two objects are equal according to the equals method, then calling the hashCode method on each of the two objects must produce the same integer result.
• It is not required that if two objects are unequal according to the equals method, then calling the hashCode method on each of the two objects must produce distinct integer results. However, the programmer should be aware that producing distinct integer results for unequal objects may improve the performance of hash tables.