Builder

Kotlin |Java

class Builder

kotlin.Any
↳	android.net.wifi.rtt.PasnConfig.Builder

Builder for PasnConfig

Proximity Detection Security Configuration

To configure authenticated Pre-association Security Negotiation (PASN) for Proximity Detection, application must provide a device identity key and a corresponding security credential (either a PMK or a password).

1. Device Identity Key:

Call setProximityDetectionSeekerDeviceIdentityKey(byte[]) to set the 16-byte device identity key (DevIK) of the device acting as the Ranging Seeker. This key is required regardless of whether the current device is the Seeker or the Advertiser. The device's role as Seeker or Advertiser is specified in ProximityDetectionConfig.getRangingServiceRole().

When this device is the Seeker, it uses the DevIK to generate a Device Identity Resolution Attribute (DIRA) and include it in the PASN M1 frame in the security handshake.

When this device is the Advertiser, it uses the Seeker's DevIK (provisioned out-of-band) and the Seeker's DIRA Tag from received PASN M1 frame to identify the correct security credential.

2. Security Credential:

Along with setting the device identity key, application must provide exactly one of the following security credentials:

PMK (Pairwise Master Key): Call setPmk(byte[]) to provide a pre-shared 32-byte PMK.

Password: Call setPassword(java.lang.String) to provide a password. The system will then derive the necessary keys.

Using both a PMK and a password simultaneously is not allowed and will cause the build() method to throw an IllegalStateException. Similarly, calling setProximityDetectionSeekerDeviceIdentityKey(byte[]) without providing either a PMK or a password will also result in an IllegalStateException.

For standard (non-Proximity Detection) Wi-Fi RTT, see setWifiSsid(android.net.wifi.WifiSsid) and setPassword(java.lang.String) for STA-AP ranging configuration.

Summary

Public constructors
`Builder(baseAkms: Int, ciphers: Int)` Builder

Public methods
PasnConfig	`build()` Builds a `PasnConfig` object.
PasnConfig.Builder	`setPasnComebackCookie(pasnComebackCookie: ByteArray)` Set PASN comeback cookie.
PasnConfig.Builder	`setPassword(password: String)` Sets the password if needed by the base AKM of the PASN.
PasnConfig.Builder	`setPmk(pmk: ByteArray)` Configures the PMK (Pairwise Master Key) for authenticated PASN mode in proximity detection.
PasnConfig.Builder	`setProximityDetectionSeekerDeviceIdentityKey(seekerDevIK: ByteArray)` The Ranging Seeker's device identity key (devIK) required for authenticated PASN mode in proximity detection.
PasnConfig.Builder	`setWifiSsid(wifiSsid: WifiSsid)` Sets the Wi-Fi Service Set Identifier (SSID).

Public constructors

Builder

Added in API level 36

Builder(
    baseAkms: Int, 
    ciphers: Int)

Builder

Parameters

Parameters
`baseAkms`	Int: The AKMs that PASN is configured to use. PASN will use the most secure AKM in the configuration. Value is either `0` or a combination of the following: `android.net.wifi.rtt.PasnConfig#AKM_NONE` `android.net.wifi.rtt.PasnConfig#AKM_PASN` `android.net.wifi.rtt.PasnConfig#AKM_SAE` `android.net.wifi.rtt.PasnConfig#AKM_FT_EAP_SHA256` `android.net.wifi.rtt.PasnConfig#AKM_FT_PSK_SHA256` `android.net.wifi.rtt.PasnConfig#AKM_FT_EAP_SHA384` `android.net.wifi.rtt.PasnConfig#AKM_FT_PSK_SHA384` `android.net.wifi.rtt.PasnConfig#AKM_FILS_EAP_SHA256` `android.net.wifi.rtt.PasnConfig#AKM_FILS_EAP_SHA384`
`ciphers`	Int: The CIPHERs that PASN is configured to use. PASN will use the most secure CIPHER in the configuration which is applicable to the base AKM. Value is either `0` or a combination of the following: `android.net.wifi.rtt.PasnConfig#CIPHER_NONE` `android.net.wifi.rtt.PasnConfig#CIPHER_CCMP_128` `android.net.wifi.rtt.PasnConfig#CIPHER_CCMP_256` `android.net.wifi.rtt.PasnConfig#CIPHER_GCMP_128` `android.net.wifi.rtt.PasnConfig#CIPHER_GCMP_256`

baseAkms

Int: The AKMs that PASN is configured to use. PASN will use the most secure AKM in the configuration.
Value is either 0 or a combination of the following:

ciphers

Int: The CIPHERs that PASN is configured to use. PASN will use the most secure CIPHER in the configuration which is applicable to the base AKM.
Value is either 0 or a combination of the following:

Public methods

build

Added in API level 36

fun build(): PasnConfig

Builds a PasnConfig object.

Return
`PasnConfig`	This value cannot be `null`.

setPasnComebackCookie

Added in API level 36

fun setPasnComebackCookie(pasnComebackCookie: ByteArray): PasnConfig.Builder

Set PASN comeback cookie. PASN authentication allows the station to provide comeback cookie which was indicated in the RangingResult by the AP with a deferral time.

When an AP receives a large volume of initial PASN Authentication frames, it can use the comeback after field in the PASN Parameters element to indicate a deferral time and optionally provide a comeback cookie which is an opaque sequence of octets. Upon receiving this response, the ranging initiator (STA) must wait for the specified time before retrying secure authentication, presenting the received cookie to the AP. See RangingResult.getPasnComebackCookie() and RangingResult.getPasnComebackAfterMillis().

Parameters
`pasnComebackCookie`	ByteArray: an opaque sequence of octets. This value cannot be `null`.

Return
`PasnConfig.Builder`	a reference to this Builder. This value cannot be `null`.

setPassword

Added in API level 36

fun setPassword(password: String): PasnConfig.Builder

Sets the password if needed by the base AKM of the PASN.

For STA-AP ranging, If a password is not set directly, it may be retrieved from a saved network profile identified by the SSID. See setWifiSsid(android.net.wifi.WifiSsid).

Parameters
`password`	String: password string. This value cannot be `null`.

Return
`PasnConfig.Builder`	a reference to this Builder. This value cannot be `null`.

setPmk

Added in API level 36

fun setPmk(pmk: ByteArray): PasnConfig.Builder

Configures the PMK (Pairwise Master Key) for authenticated PASN mode in proximity detection.

Parameters
`pmk`	ByteArray: A PMK, which must be 32 bytes. This value cannot be `null`.

Return
`PasnConfig.Builder`	the builder to facilitate chaining `builder.setXXX(..).setXXX(..)`. This value cannot be `null`.

setProximityDetectionSeekerDeviceIdentityKey

Added in API level 36

fun setProximityDetectionSeekerDeviceIdentityKey(seekerDevIK: ByteArray): PasnConfig.Builder

The Ranging Seeker's device identity key (devIK) required for authenticated PASN mode in proximity detection. This key is always the Seeker's DevIK, regardless of the device's role.

Parameters
`seekerDevIK`	ByteArray: the device identity key of the seeker device, which must be 16 bytes. This value cannot be `null`.

Return
`PasnConfig.Builder`	the builder to facilitate chaining `builder.setXXX(..).setXXX(..)`. This value cannot be `null`.

setWifiSsid

Added in API level 36

fun setWifiSsid(wifiSsid: WifiSsid): PasnConfig.Builder

Sets the Wi-Fi Service Set Identifier (SSID). This is used to get the saved profile to retrieve password if password is not set using setPassword(java.lang.String). Note: If password and SSID is not set, secure ranging will use unauthenticated PASN.

Parameters
`wifiSsid`	WifiSsid: Wi-Fi Service Set Identifier (SSID). This value cannot be `null`.

Return
`PasnConfig.Builder`	a reference to this Builder. This value cannot be `null`.