summaryrefslogtreecommitdiff
path: root/tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider
diff options
context:
space:
mode:
authorArne Schwabe <arne@rfc2549.org>2021-06-15 16:45:45 +0200
committerArne Schwabe <arne@rfc2549.org>2021-06-15 16:45:45 +0200
commit0d5277d7380ed5ae61216c7041bbafe934827613 (patch)
tree239e7b6daa3017a213be72b93a7e47826aac8b43 /tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider
parent8e42e5cbc54c820f2b39082289d7257413eeafc3 (diff)
Number of miscellenous fixes and clean ups
Diffstat (limited to 'tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider')
-rw-r--r--tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/ExternalCertService.java58
-rw-r--r--tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/SimpleSigner.java7
2 files changed, 36 insertions, 29 deletions
diff --git a/tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/ExternalCertService.java b/tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/ExternalCertService.java
index caf382dd..a0e66456 100644
--- a/tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/ExternalCertService.java
+++ b/tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/ExternalCertService.java
@@ -12,21 +12,14 @@ import android.os.IBinder;
import android.os.RemoteException;
import android.text.TextUtils;
import de.blinkt.openvpn.api.ExternalCertificateProvider;
-import org.bouncycastle.openssl.PEMKeyPair;
-import org.bouncycastle.openssl.PEMParser;
import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.io.IOException;
-import java.io.StringReader;
import java.security.InvalidKeyException;
-import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
import static de.blinkt.externalcertprovider.SelectCertificateActivity.EXTRA_ALIAS;
import static de.blinkt.externalcertprovider.SelectCertificateActivity.EXTRA_DESCRIPTION;
@@ -37,31 +30,37 @@ import static de.blinkt.externalcertprovider.SelectCertificateActivity.EXTRA_DES
* see ExternalOpenVPNService for an example of checking caller's creditionals
*/
public class ExternalCertService extends Service {
+ private byte[] doSign(byte[] data)
+ {
+ try {
+ return SimpleSigner.signData(data, false);
+
+ } catch (IOException e) {
+ e.printStackTrace();
+ } catch (NoSuchPaddingException e) {
+ e.printStackTrace();
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ } catch (IllegalBlockSizeException e) {
+ e.printStackTrace();
+ } catch (BadPaddingException e) {
+ e.printStackTrace();
+ } catch (InvalidKeySpecException e) {
+ e.printStackTrace();
+ } catch (InvalidKeyException e) {
+ e.printStackTrace();
+ }
+ // Something failed, return null
+ return null;
+ }
private final ExternalCertificateProvider.Stub mBinder = new ExternalCertificateProvider.Stub() {
+
+
@Override
public byte[] getSignedData(String alias, byte[] data) throws RemoteException {
- try {
- return SimpleSigner.signData(data);
-
-
- } catch (IOException e) {
- e.printStackTrace();
- } catch (NoSuchPaddingException e) {
- e.printStackTrace();
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- } catch (IllegalBlockSizeException e) {
- e.printStackTrace();
- } catch (BadPaddingException e) {
- e.printStackTrace();
- } catch (InvalidKeySpecException e) {
- e.printStackTrace();
- } catch (InvalidKeyException e) {
- e.printStackTrace();
- }
- // Something failed, return null
+
return null;
}
@@ -79,6 +78,11 @@ public class ExternalCertService extends Service {
b.putString(EXTRA_DESCRIPTION, "Super secret example key!");
return b;
}
+
+ @Override
+ public byte[] getSignedDataWithExtra(String alias, byte[] data, Bundle extra) throws RemoteException {
+ return new byte[0];
+ }
};
diff --git a/tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/SimpleSigner.java b/tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/SimpleSigner.java
index 7d2f6786..ecce2c84 100644
--- a/tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/SimpleSigner.java
+++ b/tlsexternalcertprovider/src/main/java/de/blinkt/externalcertprovider/SimpleSigner.java
@@ -120,7 +120,7 @@ public class SimpleSigner {
"hEi44aHbPXt9opdssz/hdGfd8Wo7vEJrbg7c6zR6C/Akav1Rzy9oohIdgOw=\n" +
"-----END CERTIFICATE-----\n"};
- public static byte[] signData(byte[] data) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
+ public static byte[] signData(byte[] data, boolean pkcs1padding) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
// This is more or less code that has been just modified long enough that it works
// Don't take it as good example how to get a Privatekey
StringReader keyreader = new StringReader(SimpleSigner.certchain[0] + SimpleSigner.pemkey);
@@ -136,7 +136,10 @@ public class SimpleSigner {
// The actual signing
Cipher signer;
- signer = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
+ if (pkcs1padding)
+ signer = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
+ else
+ signer = Cipher.getInstance("RSA/ECB/nopadding");
signer.init(Cipher.ENCRYPT_MODE, key);