summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--main/build.gradle5
-rw-r--r--main/src/main/java/de/blinkt/openvpn/VpnProfile.java39
2 files changed, 32 insertions, 12 deletions
diff --git a/main/build.gradle b/main/build.gradle
index 18e5a308..6d2d5d05 100644
--- a/main/build.gradle
+++ b/main/build.gradle
@@ -48,8 +48,8 @@ android {
defaultConfig {
minSdkVersion 14
targetSdkVersion 27
- versionCode = 153
- versionName = "0.6.73"
+ versionCode = 154
+ versionName = "0.7.0"
externalNativeBuild {
cmake {
@@ -140,7 +140,6 @@ android.applicationVariants.all { variant ->
android.applicationVariants.all { variant ->
variant.productFlavors.each {
- logger.warn("A warning log message. ${it.dimension}, ${it.name}")
if (it.dimension == 'implementation' && it.name == 'ovpn3')
variant.getJavaCompiler().dependsOn(generateOpenVPN3Swig)
diff --git a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java
index 622cfbe2..5f997f72 100644
--- a/main/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/main/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -32,9 +32,7 @@ import java.io.Serializable;
import java.io.StringWriter;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
+import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
@@ -582,7 +580,7 @@ public class VpnProfile implements Serializable, Cloneable {
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context);
boolean usesystemproxy = prefs.getBoolean("usesystemproxy", true);
- if (usesystemproxy && !mIsOpenVPN22 && !configForOvpn3) {
+ if (usesystemproxy && !mIsOpenVPN22 && !configForOvpn3) {
cfg += "# Use system proxy setting\n";
cfg += "management-query-proxy\n";
}
@@ -955,6 +953,15 @@ public class VpnProfile implements Serializable, Cloneable {
if (noRemoteEnabled)
return R.string.remote_no_server_selected;
+ if (doUseOpenVPN3(context)) {
+ if (mAuthenticationType == TYPE_STATICKEYS) {
+ return R.string.openvpn3_nostatickeys;
+ }
+ if (mAuthenticationType == TYPE_PKCS12 || mAuthenticationType == TYPE_USERPASS_PKCS12) {
+ return R.string.openvpn3_pkcs12;
+ }
+ }
+
// Everything okay
return R.string.no_error_found;
@@ -1088,19 +1095,33 @@ public class VpnProfile implements Serializable, Cloneable {
try {
+ @SuppressLint("GetInstance")
+ String keyalgorithm = privkey.getAlgorithm();
+
+ byte[] signed_bytes;
+ if (keyalgorithm.equals("EC")) {
+ Signature signer = Signature.getInstance("NONEwithECDSA");
+
+ signer.initSign(privkey);
+ signer.update(data);
+ signed_bytes = signer.sign();
+
+ } else {
/* ECB is perfectly fine in this special case, since we are using it for
the public/private part in the TLS exchange
*/
- @SuppressLint("GetInstance")
- Cipher rsaSigner = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
+ Cipher signer;
+ signer = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
+
- rsaSigner.init(Cipher.ENCRYPT_MODE, privkey);
+ signer.init(Cipher.ENCRYPT_MODE, privkey);
- byte[] signed_bytes = rsaSigner.doFinal(data);
+ signed_bytes = signer.doFinal(data);
+ }
return Base64.encodeToString(signed_bytes, Base64.NO_WRAP);
} catch (NoSuchAlgorithmException | InvalidKeyException | IllegalBlockSizeException
- | BadPaddingException | NoSuchPaddingException e) {
+ | BadPaddingException | NoSuchPaddingException | SignatureException e) {
VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage());
return null;
}