From fd3554ab36b8ab20e34a187afdc82ceead470739 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Fri, 22 Jul 2022 13:18:18 +0200 Subject: Update OpenVPN/OpenVPN3, use xkey in OpenVPN3 --- main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'main/src/ui') diff --git a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java index 780fa217..0cbd7ce5 100644 --- a/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java +++ b/main/src/ui/java/de/blinkt/openvpn/core/OpenVPNThreadv3.java @@ -237,6 +237,9 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable VpnStatus.logDebug("Got external PKI signing request from OpenVPN core for algorithm " + signreq.getAlgorithm()); SignaturePadding padding; switch (signreq.getAlgorithm()) { + case "RSA_PKCS1_PSS_PADDING": + padding = SignaturePadding.RSA_PKCS1_PSS_PADDING; + break; case "RSA_PKCS1_PADDING": padding = SignaturePadding.RSA_PKCS1_PADDING; break; @@ -249,7 +252,8 @@ public class OpenVPNThreadv3 extends ClientAPI_OpenVPNClient implements Runnable default: throw new IllegalArgumentException("Illegal padding in sign request" + signreq.getAlgorithm()); } - signreq.setSig(mVp.getSignedData(mService, signreq.getData(), padding, "", "", false)); + boolean needDigest = !signreq.getHashalg().isEmpty(); + signreq.setSig(mVp.getSignedData(mService, signreq.getData(), padding, signreq.getSaltlen(), signreq.getHashalg(), needDigest)); } void setUserPW() { -- cgit v1.2.3