From 991d5e1d3f0bf8a1daad3ed41bff9489ffb17fe2 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Sat, 30 Jun 2012 11:38:31 +0200 Subject: Relase version 0.5.9 --- openvpn/src/openvpn/options.c | 2 +- res/values/strings.xml | 3 ++- src/de/blinkt/openvpn/OpenVpnManagementThread.java | 8 ++++++-- src/de/blinkt/openvpn/VpnProfile.java | 9 +++++++-- 4 files changed, 16 insertions(+), 6 deletions(-) diff --git a/openvpn/src/openvpn/options.c b/openvpn/src/openvpn/options.c index b83c1de6..b3a41d7b 100644 --- a/openvpn/src/openvpn/options.c +++ b/openvpn/src/openvpn/options.c @@ -2732,7 +2732,7 @@ options_postprocess_filechecks (struct options *options) "--extra-certs"); #ifdef MANAGMENT_EXTERNAL_KEY - if(!(options->management_flags | MF_EXTERNAL_KEY)) + if(!(options->management_flags & MF_EXTERNAL_KEY)) #endif errs |= check_file_access (CHKACC_FILE|CHKACC_INLINE, options->priv_key_file, R_OK, "--key"); diff --git a/res/values/strings.xml b/res/values/strings.xml index ba4f6b02..d6b55458 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -220,6 +220,7 @@ Keep the notification displayed after the connection is established to show traffic statistics. Show Traffic Statistics Running on %1$s (%2$s) %3$s, Android API %4$d - Error signing with Android keystore key %s + Error signing with Android keystore key %1$s: %2$s + Reading from Android Keystore does not work in Jelly Beans (Google change the way private keys are returned) diff --git a/src/de/blinkt/openvpn/OpenVpnManagementThread.java b/src/de/blinkt/openvpn/OpenVpnManagementThread.java index e1b37342..69129eb1 100644 --- a/src/de/blinkt/openvpn/OpenVpnManagementThread.java +++ b/src/de/blinkt/openvpn/OpenVpnManagementThread.java @@ -403,9 +403,12 @@ public class OpenVpnManagementThread implements Runnable { private void processSignCommand(String b64data) { PrivateKey privkey = mProfile.getKeystoreKey(); Exception err =null; + try{ byte[] data = Base64.decode(b64data, Base64.DEFAULT); - Cipher rsasinger = javax.crypto.Cipher.getInstance("RSA/ECB/PKCS1PADDING"); + + Cipher rsasinger = Cipher.getInstance("RSA/ECB/PKCS1PADDING"); + rsasinger.init(Cipher.ENCRYPT_MODE, privkey); byte[] signed_bytes = rsasinger.doFinal(data); @@ -425,8 +428,9 @@ public class OpenVpnManagementThread implements Runnable { err =e; } if(err !=null) { - OpenVPN.logError(R.string.error_rsa_sign,err.getLocalizedMessage()); + OpenVPN.logError(R.string.error_rsa_sign,err.getClass().toString(),err.getLocalizedMessage()); } + } } diff --git a/src/de/blinkt/openvpn/VpnProfile.java b/src/de/blinkt/openvpn/VpnProfile.java index 8b758b3b..54eaae88 100644 --- a/src/de/blinkt/openvpn/VpnProfile.java +++ b/src/de/blinkt/openvpn/VpnProfile.java @@ -24,6 +24,7 @@ import org.spongycastle.util.io.pem.PemWriter; import android.content.Context; import android.content.Intent; import android.content.pm.ApplicationInfo; +import android.os.Build; import android.security.KeyChain; import android.security.KeyChainException; @@ -551,8 +552,12 @@ public class VpnProfile implements Serializable{ //! Return an error if somethign is wrong int checkProfile() { - if((mAuthenticationType==TYPE_KEYSTORE || mAuthenticationType==TYPE_USERPASS_KEYSTORE) && mAlias==null) - return R.string.no_keystore_cert_selected; + if(mAuthenticationType==TYPE_KEYSTORE || mAuthenticationType==TYPE_USERPASS_KEYSTORE) { + if(mAlias==null) + return R.string.no_keystore_cert_selected; + if(Build.VERSION.SDK_INT == 16) + return R.string.keychain_jellybeans; + } if(!mUsePull) { if(mIPv4Address == null || cidrToIPAndNetmask(mIPv4Address) == null) -- cgit v1.2.3