fedilab-Android-App/app/src/main/java/app/fedilab/android/client/TLSSocketFactory.java

package app.fedilab.android.client;


import android.annotation.SuppressLint;
import android.content.SharedPreferences;

import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import app.fedilab.android.activities.MainApplication;
import app.fedilab.android.helper.Helper;

/**
 * Created by Thomas on 29/08/2017.
 */

public class TLSSocketFactory extends SSLSocketFactory {

    private final SSLSocketFactory sSLSocketFactory;
    private final SSLContext sslContext;
    private final boolean isOnion;

    public TLSSocketFactory(String instance) throws KeyManagementException, NoSuchAlgorithmException {


        if (instance == null || !instance.endsWith(".onion")) {
            sslContext = SSLContext.getInstance("TLS");
            isOnion = false;
            sslContext.init(null, null, null);
        } else { //Onion URLs
            sslContext = SSLContext.getInstance("SSL");
            isOnion = true;
            TrustManager[] trustAllCerts = new TrustManager[]{
                    new X509TrustManager() {
                        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                            return null;
                        }

                        @SuppressLint("TrustAllX509TrustManager")
                        public void checkClientTrusted(
                                java.security.cert.X509Certificate[] certs, String authType) {
                        }

                        @SuppressLint("TrustAllX509TrustManager")
                        public void checkServerTrusted(
                                java.security.cert.X509Certificate[] certs, String authType) {
                        }
                    }
            };
            sslContext.init(null, trustAllCerts, null);

        }
        sSLSocketFactory = sslContext.getSocketFactory();

    }

    public SSLContext getSSLContext() {
        return this.sslContext;
    }


    @Override
    public String[] getDefaultCipherSuites() {
        return sSLSocketFactory.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return sSLSocketFactory.getSupportedCipherSuites();
    }

    @Override
    public Socket createSocket() throws IOException {
        return enableTLSOnSocket(sSLSocketFactory.createSocket());
    }

    @Override
    public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
        return enableTLSOnSocket(sSLSocketFactory.createSocket(s, host, port, autoClose));
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException {
        return enableTLSOnSocket(sSLSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {
        return enableTLSOnSocket(sSLSocketFactory.createSocket(host, port, localHost, localPort));
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        return enableTLSOnSocket(sSLSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
        return enableTLSOnSocket(sSLSocketFactory.createSocket(address, port, localAddress, localPort));
    }

    private Socket enableTLSOnSocket(Socket socket) {
        if ((socket instanceof SSLSocket)) {
            if (!isOnion) {
                boolean security_provider = false;
                try {
                    SharedPreferences sharedpreferences = MainApplication.getApp().getSharedPreferences(Helper.APP_PREFS, android.content.Context.MODE_PRIVATE);
                    security_provider = sharedpreferences.getBoolean(Helper.SET_SECURITY_PROVIDER, true);
                } catch (Exception ignored) {
                }
                if (security_provider)
                    ((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1.1", "TLSv1.2", "TLSv1.3"});
                else
                    ((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1.1", "TLSv1.2"});
            } else {
                ((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1.1", "TLSv1.2",});
            }
        }
        return socket;
    }
}
Change package name + app id 2019-05-18 11:10:30 +02:00			`package app.fedilab.android.client;`
new code 2017-08-29 15:57:51 +02:00

CLean some classes 2020-03-08 11:28:51 +01:00			`import android.annotation.SuppressLint;`
Disable conscrypt in login page 2019-02-14 10:06:18 +01:00			`import android.content.SharedPreferences;`
Reformat code 2019-09-06 17:55:14 +02:00
new code 2017-08-29 15:57:51 +02:00			`import java.io.IOException;`
			`import java.net.InetAddress;`
			`import java.net.Socket;`
			`import java.security.KeyManagementException;`
			`import java.security.NoSuchAlgorithmException;`
Fix TLS 1_2 on Android 4+ 2018-11-27 18:18:05 +01:00
new code 2017-08-29 15:57:51 +02:00			`import javax.net.ssl.SSLContext;`
			`import javax.net.ssl.SSLSocket;`
			`import javax.net.ssl.SSLSocketFactory;`
Manage with the instance for ignoring certificates 2019-05-22 19:13:21 +02:00			`import javax.net.ssl.TrustManager;`
			`import javax.net.ssl.X509TrustManager;`
new code 2017-08-29 15:57:51 +02:00
Change package name + app id 2019-05-18 11:10:30 +02:00			`import app.fedilab.android.activities.MainApplication;`
			`import app.fedilab.android.helper.Helper;`
Disable conscrypt in login page 2019-02-14 10:06:18 +01:00
new code 2017-08-29 15:57:51 +02:00			`/**`
			`* Created by Thomas on 29/08/2017.`
			`*/`

			`public class TLSSocketFactory extends SSLSocketFactory {`

Remove asyncTask 2021-01-19 17:43:51 +01:00			`private final SSLSocketFactory sSLSocketFactory;`
			`private final SSLContext sslContext;`
			`private final boolean isOnion;`
new code 2017-08-29 15:57:51 +02:00
Manage with the instance for ignoring certificates 2019-05-22 19:13:21 +02:00			`public TLSSocketFactory(String instance) throws KeyManagementException, NoSuchAlgorithmException {`
new code 2017-08-29 15:57:51 +02:00
Improve proxy 2019-05-24 15:13:28 +02:00
Reformat code 2019-09-06 17:55:14 +02:00			`if (instance == null \|\| !instance.endsWith(".onion")) {`
Improve proxy 2019-05-24 15:13:28 +02:00			`sslContext = SSLContext.getInstance("TLS");`
Some changes 2019-05-23 21:36:02 +02:00			`isOnion = false;`
Manage with the instance for ignoring certificates 2019-05-22 19:13:21 +02:00			`sslContext.init(null, null, null);`
CLean some classes 2020-03-08 11:28:51 +01:00			`} else { //Onion URLs`
Improve proxy 2019-05-24 15:13:28 +02:00			`sslContext = SSLContext.getInstance("SSL");`
Some changes 2019-05-23 21:36:02 +02:00			`isOnion = true;`
Improve proxy 2019-05-24 15:13:28 +02:00			`TrustManager[] trustAllCerts = new TrustManager[]{`
			`new X509TrustManager() {`
			`public java.security.cert.X509Certificate[] getAcceptedIssuers() {`
			`return null;`
			`}`
Reformat code 2019-09-06 17:55:14 +02:00
CLean some classes 2020-03-08 11:28:51 +01:00			`@SuppressLint("TrustAllX509TrustManager")`
Improve proxy 2019-05-24 15:13:28 +02:00			`public void checkClientTrusted(`
			`java.security.cert.X509Certificate[] certs, String authType) {`
			`}`
Reformat code 2019-09-06 17:55:14 +02:00
CLean some classes 2020-03-08 11:28:51 +01:00			`@SuppressLint("TrustAllX509TrustManager")`
Improve proxy 2019-05-24 15:13:28 +02:00			`public void checkServerTrusted(`
			`java.security.cert.X509Certificate[] certs, String authType) {`
			`}`
			`}`
Manage with the instance for ignoring certificates 2019-05-22 19:13:21 +02:00			`};`
Improve proxy 2019-05-24 15:13:28 +02:00			`sslContext.init(null, trustAllCerts, null);`
Some changes 2019-05-23 21:36:02 +02:00
Manage with the instance for ignoring certificates 2019-05-22 19:13:21 +02:00			`}`
Fix TLS 1_2 on Android 4+ 2018-11-27 18:18:05 +01:00			`sSLSocketFactory = sslContext.getSocketFactory();`
Some changes 2019-05-23 21:36:02 +02:00
new code 2017-08-29 15:57:51 +02:00			`}`

Reformat code 2019-09-06 17:55:14 +02:00			`public SSLContext getSSLContext() {`
Fix TLS 1_2 on Android 4+ 2018-11-27 18:18:05 +01:00			`return this.sslContext;`
some fixes 2018-10-30 13:46:24 +01:00			`}`
some fixes 2018-10-30 17:15:29 +01:00

new code 2017-08-29 15:57:51 +02:00			`@Override`
			`public String[] getDefaultCipherSuites() {`
Fixes issue #209 - HTTP Strict Transport Security 2017-12-31 19:04:52 +01:00			`return sSLSocketFactory.getDefaultCipherSuites();`
new code 2017-08-29 15:57:51 +02:00			`}`

			`@Override`
			`public String[] getSupportedCipherSuites() {`
Fixes issue #209 - HTTP Strict Transport Security 2017-12-31 19:04:52 +01:00			`return sSLSocketFactory.getSupportedCipherSuites();`
new code 2017-08-29 15:57:51 +02:00			`}`

			`@Override`
			`public Socket createSocket() throws IOException {`
Fixes issue #209 - HTTP Strict Transport Security 2017-12-31 19:04:52 +01:00			`return enableTLSOnSocket(sSLSocketFactory.createSocket());`
new code 2017-08-29 15:57:51 +02:00			`}`

			`@Override`
			`public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {`
Fixes issue #209 - HTTP Strict Transport Security 2017-12-31 19:04:52 +01:00			`return enableTLSOnSocket(sSLSocketFactory.createSocket(s, host, port, autoClose));`
new code 2017-08-29 15:57:51 +02:00			`}`

			`@Override`
some fixes 2017-12-02 08:39:01 +01:00			`public Socket createSocket(String host, int port) throws IOException {`
Fixes issue #209 - HTTP Strict Transport Security 2017-12-31 19:04:52 +01:00			`return enableTLSOnSocket(sSLSocketFactory.createSocket(host, port));`
new code 2017-08-29 15:57:51 +02:00			`}`

			`@Override`
some fixes 2017-12-02 08:39:01 +01:00			`public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {`
Fixes issue #209 - HTTP Strict Transport Security 2017-12-31 19:04:52 +01:00			`return enableTLSOnSocket(sSLSocketFactory.createSocket(host, port, localHost, localPort));`
new code 2017-08-29 15:57:51 +02:00			`}`

			`@Override`
			`public Socket createSocket(InetAddress host, int port) throws IOException {`
Fixes issue #209 - HTTP Strict Transport Security 2017-12-31 19:04:52 +01:00			`return enableTLSOnSocket(sSLSocketFactory.createSocket(host, port));`
new code 2017-08-29 15:57:51 +02:00			`}`

			`@Override`
			`public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {`
Fixes issue #209 - HTTP Strict Transport Security 2017-12-31 19:04:52 +01:00			`return enableTLSOnSocket(sSLSocketFactory.createSocket(address, port, localAddress, localPort));`
new code 2017-08-29 15:57:51 +02:00			`}`

			`private Socket enableTLSOnSocket(Socket socket) {`
Reformat code 2019-09-06 17:55:14 +02:00			`if ((socket instanceof SSLSocket)) {`
			`if (!isOnion) {`
Some changes 2019-05-23 21:36:02 +02:00			`boolean security_provider = false;`
			`try {`
			`SharedPreferences sharedpreferences = MainApplication.getApp().getSharedPreferences(Helper.APP_PREFS, android.content.Context.MODE_PRIVATE);`
			`security_provider = sharedpreferences.getBoolean(Helper.SET_SECURITY_PROVIDER, true);`
Reformat code 2019-09-06 17:55:14 +02:00			`} catch (Exception ignored) {`
			`}`
			`if (security_provider)`
			`((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1.1", "TLSv1.2", "TLSv1.3"});`
Some changes 2019-05-23 21:36:02 +02:00			`else`
Reformat code 2019-09-06 17:55:14 +02:00			`((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1.1", "TLSv1.2"});`
			`} else {`
			`((SSLSocket) socket).setEnabledProtocols(new String[]{"TLSv1.1", "TLSv1.2",});`
Some changes 2019-05-23 21:36:02 +02:00			`}`
new code 2017-08-29 15:57:51 +02:00			`}`
			`return socket;`
			`}`
			`}`