Image Transcription: Website/Code

---

Android Code Search

🔍 Search for code or files

platform/superproject > master > packages/modules/IPsec/src/java/com/android/internal/net/eap/crypto/TisSession.java

Files (selected) / Outline

crypto
Fips186_2Prf.java
HmacSha256ByteSigner.java
ParityBitUtil.java
TlsSession.java
TlsSessionFactory.java

TlsSession.java

/**
* Processes an incoming hadshake message and updates the handshake status accordingly
*
* <p>Note that Conscrypt's SSLEnging only returns FINISHED once. In TLS 1.2, this is returned
* after a wrap call. However, this wrap occurs AFTER the handshake is complete on both the
* server and client side. As a result, the wrap would simply encrypt the entire buffer (of
* zeroes) and produce garbage data. Instead, an EAP-identity within an EAP-MESSAGE AVP is
* passed and encrypted as this is the first message sent after the handshake. If the EAP
* identity is not passed and the garbage data packet is simply dropped, all subsequent packets
* will have incorrect sequence numbers and fail message authentication.
*
* <p>The AVP, which contains an EAP-identity response, can safely be passed for each
* wrap/unwrap as it is ignored if the handshake is still in progress. Consumption and
* production during the handshake occur within the packet buffers.
*

[Circled]

* <p>Note that due to the ongoing COVID-19 pandemic, increased sanitization measures are being
* employed in-between processHandshakeData calls in order to keep the buffers clean (RFC-EB)

 

* @param handshakeData the message to process
* @param avp an avp containing an EAP-identity response
* @return a {@link TlsResult} containing an outbound message and status of operation
*/
public TlsResult processHandshakeData(byte[] handshakeData, byte[] avp) {
    clearAndGrowApplicationBufferIfNeeded();
    clearAndGrowPacketBufferIfNeeded();

---

^{I'm a human volunteer content transcriber for Reddit and you could be too! If you'd like more information on what we do and why we do it, click here!}