From f481f5508518f172a39c81829264df8686fe7872 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Fri, 23 Aug 2013 12:35:11 +0200 Subject: Fix TLS 1.2 and Android 4.1 --- jni/jbcrypto.cpp | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'jni/jbcrypto.cpp') diff --git a/jni/jbcrypto.cpp b/jni/jbcrypto.cpp index 7413a313..2fd1262a 100644 --- a/jni/jbcrypto.cpp +++ b/jni/jbcrypto.cpp @@ -40,7 +40,7 @@ int jniThrowException(JNIEnv* env, const char* className, const char* msg) { return 0; } - +static char opensslerr[1024]; jbyteArray Java_de_blinkt_openvpn_core_NativeUtils_rsasign (JNIEnv* env, jclass, jbyteArray from, jint pkeyRef) { // EVP_MD_CTX* ctx = reinterpret_cast(ctxRef); @@ -58,7 +58,7 @@ jbyteArray Java_de_blinkt_openvpn_core_NativeUtils_rsasign (JNIEnv* env, jclass, if(data==NULL ) jniThrowException(env, "java/lang/NullPointerException", "data is null"); - unsigned int siglen; + int siglen; unsigned char* sigret = (unsigned char*)malloc(RSA_size(pkey->pkey.rsa)); @@ -66,11 +66,16 @@ jbyteArray Java_de_blinkt_openvpn_core_NativeUtils_rsasign (JNIEnv* env, jclass, // unsigned char *sigret, unsigned int *siglen, RSA *rsa); // adapted from s3_clnt.c - if (RSA_sign(NID_md5_sha1, (unsigned char*) data, datalen, - sigret, &siglen, pkey->pkey.rsa) <= 0 ) + /* if (RSA_sign(NID_md5_sha1, (unsigned char*) data, datalen, + sigret, &siglen, pkey->pkey.rsa) <= 0 ) */ + + siglen = RSA_private_encrypt(datalen,(unsigned char*) data,sigret,pkey->pkey.rsa,RSA_PKCS1_PADDING); + + if (siglen < 0) { - jniThrowException(env, "java/security/InvalidKeyException", "rsa_sign went wrong, see logcat"); + ERR_error_string_n(ERR_get_error(), opensslerr ,1024); + jniThrowException(env, "java/security/InvalidKeyException", opensslerr); ERR_print_errors_fp(stderr); return NULL; -- cgit v1.2.3