From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 21 Oct 2014 16:03:49 +0000 (+0200)
Subject: android: Add support for signature schemes used by EAP-TLS
X-Git-Tag: 5.2.2dr1~41^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4b39a4117a5f8a7515ff2130f784b9f378e79120;p=thirdparty%2Fstrongswan.git

android: Add support for signature schemes used by EAP-TLS
---

diff --git a/src/frontends/android/jni/libandroidbridge/backend/android_private_key.c b/src/frontends/android/jni/libandroidbridge/backend/android_private_key.c
index 1985f0e98e..769ea3f314 100644
--- a/src/frontends/android/jni/libandroidbridge/backend/android_private_key.c
+++ b/src/frontends/android/jni/libandroidbridge/backend/android_private_key.c
@@ -68,6 +68,9 @@ METHOD(private_key_t, sign, bool,
 		case KEY_RSA:
 			switch (scheme)
 			{
+				case SIGN_RSA_EMSA_PKCS1_NULL:
+					method = "NONEwithRSA";
+					break;
 				case SIGN_RSA_EMSA_PKCS1_MD5:
 					method = "MD5withRSA";
 					break;
@@ -93,12 +96,18 @@ METHOD(private_key_t, sign, bool,
 		case KEY_ECDSA:
 			switch (scheme)
 			{
+				case SIGN_ECDSA_WITH_SHA1_DER:
+					method = "SHA1withECDSA";
+					break;
+				case SIGN_ECDSA_WITH_SHA256_DER:
 				case SIGN_ECDSA_256:
 					method = "SHA256withECDSA";
 					break;
+				case SIGN_ECDSA_WITH_SHA384_DER:
 				case SIGN_ECDSA_384:
 					method = "SHA384withECDSA";
 					break;
+				case SIGN_ECDSA_WITH_SHA512_DER:
 				case SIGN_ECDSA_521:
 					method = "SHA512withECDSA";
 					break;
@@ -189,30 +198,36 @@ METHOD(private_key_t, sign, bool,
 			default:
 				break;
 		}
-
-		/* we get an ASN.1 encoded sequence of integers r and s */
-		parse = encoded = chunk_from_byte_array(env, jsigarray);
-		if (asn1_unwrap(&parse, &parse) != ASN1_SEQUENCE ||
-			asn1_unwrap(&parse, &r) != ASN1_INTEGER ||
-			asn1_unwrap(&parse, &s) != ASN1_INTEGER)
+		if (len)
 		{
+			/* we get an ASN.1 encoded sequence of integers r and s */
+			parse = encoded = chunk_from_byte_array(env, jsigarray);
+			if (asn1_unwrap(&parse, &parse) != ASN1_SEQUENCE ||
+				asn1_unwrap(&parse, &r) != ASN1_INTEGER ||
+				asn1_unwrap(&parse, &s) != ASN1_INTEGER)
+			{
+				chunk_free(&encoded);
+				goto failed;
+			}
+			r = chunk_skip_zero(r);
+			s = chunk_skip_zero(s);
+			if (r.len > len || s.len > len)
+			{
+				chunk_free(&encoded);
+				goto failed;
+			}
+
+			/* concatenate r and s (forced to the defined length) */
+			*signature = chunk_alloc(2*len);
+			memset(signature->ptr, 0, signature->len);
+			memcpy(signature->ptr + (len - r.len), r.ptr, r.len);
+			memcpy(signature->ptr + len + (len - s.len), s.ptr, s.len);
 			chunk_free(&encoded);
-			goto failed;
 		}
-		r = chunk_skip_zero(r);
-		s = chunk_skip_zero(s);
-		if (r.len > len || s.len > len)
+		else
 		{
-			chunk_free(&encoded);
-			goto failed;
+			*signature = chunk_from_byte_array(env, jsigarray);
 		}
-
-		/* concatenate r and s (forced to the defined length) */
-		*signature = chunk_alloc(2*len);
-		memset(signature->ptr, 0, signature->len);
-		memcpy(signature->ptr + (len - r.len), r.ptr, r.len);
-		memcpy(signature->ptr + len + (len - s.len), s.ptr, s.len);
-		chunk_free(&encoded);
 	}
 	else
 	{