Update source code for external key managment based on ics-openvpn (some relevant commits: 5e7b841c8d5111e6b63e74944903a168939ca723 a6de5a9e4d8d757414c5e2f94eb806be9216dda3 9e704d04dc7f2f93bddf85d371772340fa5af0b1 4466103d770c353cfb8d4ea08093560ba28d58b8 b9ac2b15eac3e5e5f9dc89c948ec8278e2e7c1f9 3cb8f44a92471e43589a80067380d7b262c18c20)

1 files changed, 27 insertions, 3 deletions

diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
index a02e7e27..88b933eb 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
@@ -194,7 +194,7 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
 
             // Closing one of the two sockets also closes the other
             //mServerSocketLocal.close();
-            managmentCommand("version 2\n");
+            managmentCommand("version 3\n");
 
             while (true) {
 
@@ -730,9 +730,33 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
         releaseHold();
     }
 
-    private void processSignCommand(String b64data) {
+    private void processSignCommand(String argument) {
 
-        String signed_string = mProfile.getSignedData(mOpenVPNService, b64data, false);
+        String[] arguments = argument.split(",");
+
+        // NC9t8IkYrjAQcCzc85zN0H5TvwfAUDwYkR4j2ga6fGw=,RSA_PKCS1_PSS_PADDING,hashalg=SHA256,saltlen=digest
+
+
+        SignaturePadding padding = SignaturePadding.NO_PADDING;
+        String saltlen="";
+        String hashalg="";
+        boolean needsDigest = false;
+
+        for (int i=1;i < arguments.length;i++) {
+            String arg = arguments[i];
+            if(arg.equals("RSA_PKCS1_PADDING"))
+                padding = SignaturePadding.RSA_PKCS1_PADDING;
+            else if (arg.equals("RSA_PKCS1_PSS_PADDING"))
+                padding = SignaturePadding.RSA_PKCS1_PSS_PADDING;
+            else if (arg.startsWith("saltlen="))
+                saltlen= arg.substring(8);
+            else if (arg.startsWith("hashalg="))
+                hashalg = arg.substring(8);
+            else if (arg.equals("data=message"))
+                needsDigest = true;
+        }
+
+        String signed_string = mProfile.getSignedData(mOpenVPNService, arguments[0], padding, saltlen, hashalg, needsDigest);
 
         if (signed_string == null) {
             managmentCommand("pk-sig\n");