diff options
author | cyberta <cyberta@riseup.net> | 2022-12-26 14:12:10 +0000 |
---|---|---|
committer | cyberta <cyberta@riseup.net> | 2022-12-26 14:12:10 +0000 |
commit | 9d64ea1f6274ca66c4e44f7bd24698a1f64c3ffe (patch) | |
tree | 1bf433d5363a437d388851e7368ee143a226f6b7 /app/src/main/java/de/blinkt/openvpn/VpnProfile.java | |
parent | 6334225050f02901119812b807c29a4a07ebe182 (diff) | |
parent | 35bd57e5399e8bec5102338c7f0900fbc18970b2 (diff) |
Merge branch 'rc_fixes' into 'master'
Rc fixes
See merge request leap/bitmask_android!235
Diffstat (limited to 'app/src/main/java/de/blinkt/openvpn/VpnProfile.java')
-rw-r--r-- | app/src/main/java/de/blinkt/openvpn/VpnProfile.java | 40 |
1 files changed, 0 insertions, 40 deletions
diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java index 7dd75432..83cde85e 100644 --- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java +++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java @@ -473,9 +473,6 @@ public class VpnProfile implements Serializable, Cloneable { cfg.append("management-external-key nopadding\n"); } else { cfg.append(context.getString(R.string.keychain_access)).append("\n"); - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) - if (!mAlias.matches("^[a-zA-Z0-9]$")) - cfg.append(context.getString(R.string.jelly_keystore_alphanumeric_bug)).append("\n"); } } break; @@ -932,11 +929,6 @@ public class VpnProfile implements Serializable, Cloneable { VpnStatus.logError(R.string.keyChainAccessError, e.getLocalizedMessage()); VpnStatus.logError(R.string.keychain_access); - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) { - if (!mAlias.matches("^[a-zA-Z0-9]$")) { - VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug); - } - } return null; } catch (AssertionError e) { @@ -1196,12 +1188,6 @@ public class VpnProfile implements Serializable, Cloneable { private byte[] getKeyChainSignedData(byte[] data, boolean pkcs1padding) { PrivateKey privkey = getKeystoreKey(); - // The Jelly Bean *evil* Hack - // 4.2 implements the RSA/ECB/PKCS1PADDING in the OpenSSLprovider - if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) { - return processSignJellyBeans(privkey, data); - } - try { @SuppressLint("GetInstance") @@ -1238,32 +1224,6 @@ public class VpnProfile implements Serializable, Cloneable { } } - private byte[] processSignJellyBeans(PrivateKey privkey, byte[] data) { - try { - Method getKey = privkey.getClass().getSuperclass().getDeclaredMethod("getOpenSSLKey"); - getKey.setAccessible(true); - - // Real object type is OpenSSLKey - Object opensslkey = getKey.invoke(privkey); - - getKey.setAccessible(false); - - Method getPkeyContext = opensslkey.getClass().getDeclaredMethod("getPkeyContext"); - - // integer pointer to EVP_pkey - getPkeyContext.setAccessible(true); - int pkey = (Integer) getPkeyContext.invoke(opensslkey); - getPkeyContext.setAccessible(false); - - // 112 with TLS 1.2 (172 back with 4.3), 36 with TLS 1.0 - return NativeUtils.rsasign(data, pkey); - - } catch (NoSuchMethodException | InvalidKeyException | InvocationTargetException | IllegalAccessException | IllegalArgumentException e) { - VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage()); - return null; - } - } - private boolean usesExtraProxyOptions() { if (mUseCustomConfig && mCustomConfigOptions != null && mCustomConfigOptions.contains("http-proxy-option ")) return true; |