Added in API level 36

Summary: Ctors | Methods | Inherited Methods

PasnConfig.Builder

Kotlin |Java

public static final class PasnConfig.Builder
extends Object

java.lang.Object
↳	android.net.wifi.rtt.PasnConfig.Builder

Builder for PasnConfig

Proximity Detection Security Configuration

To configure authenticated Pre-association Security Negotiation (PASN) for Proximity Detection, application must provide a device identity key and a corresponding security credential (either a PMK or a password).

1. Device Identity Key:

Call setProximityDetectionSeekerDeviceIdentityKey(byte[]) to set the 16-byte device identity key (DevIK) of the device acting as the Ranging Seeker. This key is required regardless of whether the current device is the Seeker or the Advertiser. The device's role as Seeker or Advertiser is specified in ERROR(ProximityDetectionConfig.getRangingServiceRole()/android.net.wifi.rtt.ProximityDetectionConfig#getRangingServiceRole() ProximityDetectionConfig.getRangingServiceRole()).

When this device is the Seeker, it uses the DevIK to generate a Device Identity Resolution Attribute (DIRA) and include it in the PASN M1 frame in the security handshake.

When this device is the Advertiser, it uses the Seeker's DevIK (provisioned out-of-band) and the Seeker's DIRA Tag from received PASN M1 frame to identify the correct security credential.

2. Security Credential:

Along with setting the device identity key, application must provide exactly one of the following security credentials:

PMK (Pairwise Master Key): Call setPmk(byte[]) to provide a pre-shared 32-byte PMK.

Password: Call setPassword(java.lang.String) to provide a password. The system will then derive the necessary keys.

Using both a PMK and a password simultaneously is not allowed and will cause the build() method to throw an IllegalStateException. Similarly, calling setProximityDetectionSeekerDeviceIdentityKey(byte[]) without providing either a PMK or a password will also result in an IllegalStateException.

For standard (non-Proximity Detection) Wi-Fi RTT, see setWifiSsid(android.net.wifi.WifiSsid) and setPassword(java.lang.String) for STA-AP ranging configuration.

Summary

Public constructors
`Builder(int baseAkms, int ciphers)` Builder

Public methods
`PasnConfig`	`build()` Builds a `PasnConfig` object.
`PasnConfig.Builder`	`setPasnComebackCookie(byte[] pasnComebackCookie)` Set PASN comeback cookie.
`PasnConfig.Builder`	`setPassword(String password)` Sets the password if needed by the base AKM of the PASN.
`PasnConfig.Builder`	`setPmk(byte[] pmk)` Configures the PMK (Pairwise Master Key) for authenticated PASN mode in proximity detection.
`PasnConfig.Builder`	`setProximityDetectionSeekerDeviceIdentityKey(byte[] seekerDevIK)` The Ranging Seeker's device identity key (devIK) required for authenticated PASN mode in proximity detection.
`PasnConfig.Builder`	`setWifiSsid(WifiSsid wifiSsid)` Sets the Wi-Fi Service Set Identifier (SSID).

Inherited methods

From class


        
          java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long timeoutMillis, int nanos)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait(long timeoutMillis)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait()` Causes the current thread to wait until it is awakened, typically by being notified or interrupted.

Public constructors

Builder

Added in API level 36

public Builder (int baseAkms, 
                int ciphers)

Builder

Parameters

Parameters
`baseAkms`	`int`: The AKMs that PASN is configured to use. PASN will use the most secure AKM in the configuration. Value is either `0` or a combination of the following: `PasnConfig.AKM_NONE` `PasnConfig.AKM_PASN` `PasnConfig.AKM_SAE` `PasnConfig.AKM_FT_EAP_SHA256` `PasnConfig.AKM_FT_PSK_SHA256` `PasnConfig.AKM_FT_EAP_SHA384` `PasnConfig.AKM_FT_PSK_SHA384` `PasnConfig.AKM_FILS_EAP_SHA256` `PasnConfig.AKM_FILS_EAP_SHA384`
`ciphers`	`int`: The CIPHERs that PASN is configured to use. PASN will use the most secure CIPHER in the configuration which is applicable to the base AKM. Value is either `0` or a combination of the following: `PasnConfig.CIPHER_NONE` `PasnConfig.CIPHER_CCMP_128` `PasnConfig.CIPHER_CCMP_256` `PasnConfig.CIPHER_GCMP_128` `PasnConfig.CIPHER_GCMP_256`

baseAkms

int: The AKMs that PASN is configured to use. PASN will use the most secure AKM in the configuration.
Value is either 0 or a combination of the following:

ciphers

int: The CIPHERs that PASN is configured to use. PASN will use the most secure CIPHER in the configuration which is applicable to the base AKM.
Value is either 0 or a combination of the following:

Public methods

build

Added in API level 36

public PasnConfig build ()

Builds a PasnConfig object.

Returns
`PasnConfig`	This value cannot be `null`.

setPasnComebackCookie

Added in API level 36

public PasnConfig.Builder setPasnComebackCookie (byte[] pasnComebackCookie)

Set PASN comeback cookie. PASN authentication allows the station to provide comeback cookie which was indicated in the RangingResult by the AP with a deferral time.

When an AP receives a large volume of initial PASN Authentication frames, it can use the comeback after field in the PASN Parameters element to indicate a deferral time and optionally provide a comeback cookie which is an opaque sequence of octets. Upon receiving this response, the ranging initiator (STA) must wait for the specified time before retrying secure authentication, presenting the received cookie to the AP. See RangingResult.getPasnComebackCookie() and RangingResult.getPasnComebackAfterMillis().

Parameters
`pasnComebackCookie`	`byte`: an opaque sequence of octets. This value cannot be `null`.

Returns
`PasnConfig.Builder`	a reference to this Builder. This value cannot be `null`.

setPassword

Added in API level 36

public PasnConfig.Builder setPassword (String password)

Sets the password if needed by the base AKM of the PASN.

For STA-AP ranging, If a password is not set directly, it may be retrieved from a saved network profile identified by the SSID. See setWifiSsid(android.net.wifi.WifiSsid).

Parameters
`password`	`String`: password string. This value cannot be `null`.

Returns
`PasnConfig.Builder`	a reference to this Builder. This value cannot be `null`.

setPmk

Added in API level 36

public PasnConfig.Builder setPmk (byte[] pmk)

Configures the PMK (Pairwise Master Key) for authenticated PASN mode in proximity detection.

Parameters
`pmk`	`byte`: A PMK, which must be 32 bytes. This value cannot be `null`.

Returns
`PasnConfig.Builder`	the builder to facilitate chaining `builder.setXXX(..).setXXX(..)`. This value cannot be `null`.

setProximityDetectionSeekerDeviceIdentityKey

Added in API level 36

public PasnConfig.Builder setProximityDetectionSeekerDeviceIdentityKey (byte[] seekerDevIK)

The Ranging Seeker's device identity key (devIK) required for authenticated PASN mode in proximity detection. This key is always the Seeker's DevIK, regardless of the device's role.

Parameters
`seekerDevIK`	`byte`: the device identity key of the seeker device, which must be 16 bytes. This value cannot be `null`.

Returns
`PasnConfig.Builder`	the builder to facilitate chaining `builder.setXXX(..).setXXX(..)`. This value cannot be `null`.

setWifiSsid

Added in API level 36

public PasnConfig.Builder setWifiSsid (WifiSsid wifiSsid)

Sets the Wi-Fi Service Set Identifier (SSID). This is used to get the saved profile to retrieve password if password is not set using setPassword(java.lang.String). Note: If password and SSID is not set, secure ranging will use unauthenticated PASN.

Parameters
`wifiSsid`	`WifiSsid`: Wi-Fi Service Set Identifier (SSID). This value cannot be `null`.

Returns
`PasnConfig.Builder`	a reference to this Builder. This value cannot be `null`.