android: Add flag to enable RSA/PSS

Tobias Brunner 2018-06-21 12:09:47 +02:00
parent ad2d20e5f0
commit 205ec47ddb
3 changed files with 5 additions and 0 deletions


@ -35,6 +35,7 @@ public class VpnProfile implements Cloneable
public static final int FLAGS_DISABLE_CRL = 1 << 1;
public static final int FLAGS_DISABLE_OCSP = 1 << 2;
public static final int FLAGS_STRICT_REVOCATION = 1 << 3;
public static final int FLAGS_RSA_PSS = 1 << 4;
private String mName, mGateway, mUsername, mPassword, mCertificate, mUserCertificate;
private String mRemoteId, mLocalId, mExcludedSubnets, mIncludedSubnets, mSelectedApps;
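Review bot: FLAGS_RSA_PSS is added without a comment, and unlike FLAGS_DISABLE_CRL and FLAGS_DISABLE_OCSP above it, setting this bit turns a feature on rather than off. A one-line comment would make that polarity explicit, e.g. `/* use RSASSA-PSS instead of PKCS#1 v1.5 padding for RSA signatures; off unless set */`. If these flags are persisted with the profile (not visible in this hunk), the comment should also say that existing bit values must not be renumbered. The class body continues outside the hunk.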


@ -301,6 +301,7 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe
writer.setValue("global.language", Locale.getDefault().getLanguage());
writer.setValue("global.mtu", mCurrentProfile.getMTU());
writer.setValue("global.nat_keepalive", mCurrentProfile.getNATKeepAlive());
writer.setValue("global.rsa_pss", (mCurrentProfile.getFlags() & VpnProfile.FLAGS_RSA_PSS) != 0);
writer.setValue("global.crl", (mCurrentProfile.getFlags() & VpnProfile.FLAGS_DISABLE_CRL) == 0);
writer.setValue("global.ocsp", (mCurrentProfile.getFlags() & VpnProfile.FLAGS_DISABLE_OCSP) == 0);
writer.setValue("connection.type", mCurrentProfile.getVpnType().getIdentifier());
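Review bot: The new `global.rsa_pss` line tests its flag with `!= 0` while the `global.crl` and `global.ocsp` lines directly below it test with `== 0`, and each of the three calls `mCurrentProfile.getFlags()` again. Reading the flags once, `int flags = mCurrentProfile.getFlags();`, and writing `writer.setValue("global.rsa_pss", (flags & VpnProfile.FLAGS_RSA_PSS) != 0);` makes the lines easier to compare and ensures they all see the same value. A short comment such as `/* opt-in: bit set enables PSS; the DISABLE_* bits below are inverted */` would guard against a copy-paste polarity slip. The enclosing method starts and ends outside the hunk, so a suitable local may already exist.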


@ -418,6 +418,9 @@ static void initiate(settings_t *settings)
lib->settings->set_bool(lib->settings,
"charon.plugins.revocation.enable_ocsp",
settings->get_bool(settings, "global.ocsp", TRUE));
lib->settings->set_bool(lib->settings,
"charon.rsa_pss",
settings->get_bool(settings, "global.rsa_pss", FALSE));
/* this is actually the size of the complete IKE/IP packet, so if the MTU
* for the TUN devices has to be reduced to pass traffic the IKE packets
* will be a bit smaller than necessary as there is no IPsec overhead like
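Review bot: The `FALSE` default in `settings->get_bool(settings, "global.rsa_pss", FALSE)` means a profile written without this key sets `charon.rsa_pss` to false, and nothing in the hunk records which padding ends up selected. A comment above the call should state this, e.g. `/* RSASSA-PSS is opt-in; profiles without the key keep PKCS#1 v1.5 padding */`. Logging the effective value at connection setup would help when diagnosing authentication failures against peers that presumably must also support PSS signatures; this is an inference, since peer handling is not in this hunk. initiate() starts and ends outside the hunk.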