From cf7744dc1e2707ff2f25aa572428fea329c2d95e Mon Sep 17 00:00:00 2001 From: Benedict Wong Date: Tue, 14 Apr 2020 18:17:16 -0700 Subject: [PATCH] Update MODP groups for IKEv2/IPsec VPNs This commit improves security by removing MODP groups that are considered to be breakable in the near-future, and adding support for ones that are more highly recommended. 3072 and 4096 are added based on the IANA constants, and are already supported in the IKEv2 library. This commit is made in line with recommendations in RFC 8247: https://tools.ietf.org/html/rfc8247#section-2.4 Bug: 154056830 Test: FrameworksNetTests, FrameworksIkeTests passing, manually tested. Change-Id: I941dbbfc2d6be693869ba6213590a07f3eac4bc7 Merged-In: I941dbbfc2d6be693869ba6213590a07f3eac4bc7 (cherry picked from commit f33cf5bd76a0e6a4a105bd606a94b24dfbbc86ef) --- .../com/android/server/connectivity/VpnIkev2Utils.java | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/services/core/java/com/android/server/connectivity/VpnIkev2Utils.java b/services/core/java/com/android/server/connectivity/VpnIkev2Utils.java index 228966cbee5b3..103f659cc258b 100644 --- a/services/core/java/com/android/server/connectivity/VpnIkev2Utils.java +++ b/services/core/java/com/android/server/connectivity/VpnIkev2Utils.java @@ -17,7 +17,6 @@ package com.android.server.connectivity; import static android.net.ConnectivityManager.NetworkCallback; -import static android.net.ipsec.ike.SaProposal.DH_GROUP_1024_BIT_MODP; import static android.net.ipsec.ike.SaProposal.DH_GROUP_2048_BIT_MODP; import static android.net.ipsec.ike.SaProposal.ENCRYPTION_ALGORITHM_AES_CBC; import static android.net.ipsec.ike.SaProposal.ENCRYPTION_ALGORITHM_AES_GCM_12; @@ -85,6 +84,12 @@ import java.util.List; public class VpnIkev2Utils { private static final String TAG = VpnIkev2Utils.class.getSimpleName(); + // TODO: Use IKE library exposed constants when @SystemApi is updated. + /** IANA-defined 3072 group for use in IKEv2 */ + private static final int DH_GROUP_3072_BIT_MODP = 15; + /** IANA-defined 4096 group for use in IKEv2 */ + private static final int DH_GROUP_4096_BIT_MODP = 16; + static IkeSessionParams buildIkeSessionParams( @NonNull Context context, @NonNull Ikev2VpnProfile profile, @NonNull Network network) { final IkeIdentification localId = parseIkeIdentification(profile.getUserIdentity()); @@ -177,8 +182,9 @@ public class VpnIkev2Utils { // Add dh, prf for both builders for (final IkeSaProposal.Builder builder : Arrays.asList(normalModeBuilder, aeadBuilder)) { + builder.addDhGroup(DH_GROUP_4096_BIT_MODP); + builder.addDhGroup(DH_GROUP_3072_BIT_MODP); builder.addDhGroup(DH_GROUP_2048_BIT_MODP); - builder.addDhGroup(DH_GROUP_1024_BIT_MODP); builder.addPseudorandomFunction(PSEUDORANDOM_FUNCTION_AES128_XCBC); builder.addPseudorandomFunction(PSEUDORANDOM_FUNCTION_HMAC_SHA1); }