Introduction:

VPN App has been developed using IKEV2 protocol the most secure and fast of all the protocols. As android did not have built-in support for IKEV2 protocol so I have used StronSwan (the OpenSource IPsec-based VPN Solution).

Architecture Overview:

The App consists of a Java part, the native strongSwan libraries (libstrongswan, libcharon etc.) and a library to glue these two parts together. The Java part and the libraries communicate by means of the Java Native Interface (JNI).

StrongSwan Configuration:

I am working on windows platform. For configuring StrongSwan there are some shell commands, As windows cmd does not support shell commands for this I have used CENTOS virtual machine. Download VMWare or Vitual box to host your virtual machine on windows and then open .vmx file.

In CENTOS you need the following tools:

  • a recent GNU C compiler (>= 3.x)
  • automake
  • Autoconf
  • Libtool
  • pkg-config
  • gettext
  • perl
  • Python
  • lex/flex
  • yacc/bison
  • gperf

Open terminal window in CENTOS

1. Clone StrongSwan using command:

git clone https://git.strongswan.org/strongswan.git

After a successful check out, give the autotools a try:

2. First go to the strongswan directory that you have cloned by running following command:

cd strongswan/

3. Then run these commands one by one after each command done successful :

•	./autogen.sh
•	./configure
•	Make
•	make install

This creates several pre-built source files.

4. Next go to JNI directory by running the following command:

cd src/frontends/android/app/src/main/jni

And run this command:

Git clone https://git.strongswan.org/android-ndk-boringssl.git -b ndk-staticopenssl

Now copy the code from CENTOS to window and run the app in android studio the code for the App can be found in the source: strongswan/src/frontends/android directory of our repository. To build it the Android SDK and NDK are required.

5. After that we need .so files for native classes to communicate with java classes. Download the Strongswan project from Github and copy JniLibs folder from this github project and paste it in your project that have copied from CENTOS in the following path:

strongswan/src/frontends/android /app/src/main

Try to build the project if there is ndk path problem try replacing this

task buildNative(type: Exec) {
    workingDir 'src/main/jni'
commandLine "${android.ndkDirectory}/ndk-build", '-j', Runtime.runtime.availableProcessors()
}

with this

task buildNative(type: Exec) {
    workingDir 'src/main/jni'
commandLine "${android.ndkDirectory}\ndk-build.cmd", '-j', Runtime.runtime.availableProcessors()
}

and sync now.

6. One last thing
Replace following code from

strongswan\src\frontends\android\app\src\main\java\org\strongswan\android\logic/CharonVpnService.java
SettingsWriter writer = new SettingsWriter();
writer.setValue("global.language", Locale.getDefault().getLanguage());
writer.setValue("global.mtu", mCurrentProfile.getMTU());
writer.setValue("global.nat_keepalive", mCurrentProfile.getNATKeepAlive());
writer.setValue("global.rsa_pss", (mCurrentProfile.getFlags() & VpnProfile.FLAGS_RSA_PSS) != 0);
writer.setValue("global.crl", (mCurrentProfile.getFlags() & VpnProfile.FLAGS_DISABLE_CRL) == 0);
writer.setValue("global.ocsp", (mCurrentProfile.getFlags() & VpnProfile.FLAGS_DISABLE_OCSP) == 0);
writer.setValue("connection.type", mCurrentProfile.getVpnType().getIdentifier());
writer.setValue("connection.server", mCurrentProfile.getGateway());
writer.setValue("connection.port", mCurrentProfile.getPort());
writer.setValue("connection.username", mCurrentProfile.getUsername());
writer.setValue("connection.password", mCurrentProfile.getPassword());
writer.setValue("connection.local_id", mCurrentProfile.getLocalId());
writer.setValue("connection.remote_id", mCurrentProfile.getRemoteId());
writer.setValue("connection.certreq", (mCurrentProfile.getFlags() & VpnProfile.FLAGS_SUPPRESS_CERT_REQS) == 0);
writer.setValue("connection.strict_revocation", (mCurrentProfile.getFlags() & VpnProfile.FLAGS_STRICT_REVOCATION) != 0);
writer.setValue("connection.ike_proposal", mCurrentProfile.getIkeProposal());
writer.setValue("connection.esp_proposal", mCurrentProfile.getEspProposal());
initiate(writer.serialize());

With this

initiate(mCurrentProfile.getVpnType().getIdentifier(),
mCurrentProfile.getGateway(), mCurrentProfile.getUsername(),
mCurrentProfile.getPassword());

Now it should work.

Add Strongswan as a Module in Android app:

If u want to use strongswan in your app, add android folder from this path strongswan\src\frontends\android in your app as a module and use this project in your app.

1. Got to File->New->import module

2. Select android folder from the strongswan project directory
It will give error that the app module is already exist so change the module name from “app” to “strongswan” you can write what u want. And click finish.

3. Right click on app and click open module settings

4. Select Dependencies tab from side menu, click on “+”and select module dependency

5. Select strongswan and click ok.

6. Now you can see strongswan module is added

RECENT POSTS

Do you want us to build an App for you ?