2 files changed, 28 insertions, 2 deletions

diff --git a/app/src/main/java/org/pacien/tincapp/commands/TincApp.kt b/app/src/main/java/org/pacien/tincapp/commands/TincApp.kt
index b18a39b..b564b6a 100644
--- a/app/src/main/java/org/pacien/tincapp/commands/TincApp.kt
+++ b/app/src/main/java/org/pacien/tincapp/commands/TincApp.kt
@@ -1,9 +1,14 @@
 package org.pacien.tincapp.commands
 
 import java8.util.concurrent.CompletableFuture
+import org.pacien.tincapp.R
 import org.pacien.tincapp.commands.Executor.runAsyncTask
+import org.pacien.tincapp.context.App
 import org.pacien.tincapp.context.AppPaths
+import org.pacien.tincapp.data.TincConfiguration
 import org.pacien.tincapp.data.VpnInterfaceConfiguration
+import org.pacien.tincapp.utils.PemUtils
+import java.io.FileNotFoundException
 
 /**
  * @author pacien
@@ -16,6 +21,16 @@ object TincApp {
     private fun listScripts(netName: String) = AppPaths.confDir(netName).listFiles { f -> f.name in STATIC_SCRIPTS } +
             AppPaths.hostsDir(netName).listFiles { f -> SCRIPT_SUFFIXES.any { f.name.endsWith(it) } }
 
+    fun listPrivateKeys(netName: String) = try {
+        TincConfiguration.fromTincConfiguration(AppPaths.existing(AppPaths.tincConfFile(netName))).let {
+            listOf(
+                    it.privateKeyFile ?: AppPaths.defaultRsaPrivateKeyFile(netName),
+                    it.ed25519PrivateKeyFile ?: AppPaths.defaultEd25519PrivateKeyFile(netName))
+        }
+    } catch (e: FileNotFoundException) {
+        throw FileNotFoundException(App.getResources().getString(R.string.message_network_config_not_found_format, e.message!!))
+    }
+
     fun removeScripts(netName: String): CompletableFuture<Void> = runAsyncTask {
         listScripts(netName).forEach { it.delete() }
     }
@@ -26,4 +41,13 @@ object TincApp {
                 .write(AppPaths.netConfFile(netName))
     }
 
+    fun setPassphrase(netName: String, currentPassphrase: String? = null, newPassphrase: String?): CompletableFuture<Void> = runAsyncTask {
+        listPrivateKeys(netName)
+                .filter { it.exists() }
+                .map { Pair(PemUtils.read(it), it) }
+                .map { Pair(PemUtils.decrypt(it.first, currentPassphrase), it.second) }
+                .map { Pair(if (newPassphrase?.isNotEmpty() == true) PemUtils.encrypt(it.first, newPassphrase) else it.first, it.second) }
+                .forEach { PemUtils.write(it.first, it.second.writer()) }
+    }
+
 }
diff --git a/app/src/main/java/org/pacien/tincapp/commands/Tincd.kt b/app/src/main/java/org/pacien/tincapp/commands/Tincd.kt
index db113cc..d44d930 100644
--- a/app/src/main/java/org/pacien/tincapp/commands/Tincd.kt
+++ b/app/src/main/java/org/pacien/tincapp/commands/Tincd.kt
@@ -7,14 +7,16 @@ import org.pacien.tincapp.context.AppPaths
  */
 object Tincd {
 
-    fun start(netName: String, fd: Int) {
+    fun start(netName: String, deviceFd: Int, ed25519PrivateKeyFd: Int? = null, rsaPrivateKeyFd: Int? = null) {
         Executor.forkExec(Command(AppPaths.tincd().absolutePath)
                 .withOption("no-detach")
                 .withOption("config", AppPaths.confDir(netName).absolutePath)
                 .withOption("pidfile", AppPaths.pidFile(netName).absolutePath)
                 .withOption("logfile", AppPaths.logFile(netName).absolutePath)
                 .withOption("option", "DeviceType=fd")
-                .withOption("option", "Device=" + fd))
+                .withOption("option", "Device=" + deviceFd)
+                .apply { if (ed25519PrivateKeyFd != null) withOption("option", "Ed25519PrivateKeyFile=/proc/self/fd/$ed25519PrivateKeyFd") }
+                .apply { if (rsaPrivateKeyFd != null) withOption("option", "PrivateKeyFile=/proc/self/fd/$rsaPrivateKeyFd") })
     }
 
 }