package fr.gouv.etalab.mastodon.client; /** * Created by Thomas on 20/05/2017. * Custom MySSLSocketFactory */ import java.io.IOException; import java.net.Socket; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; /** * This file is introduced to fix HTTPS Post bug on API < ICS see * https://code.google.com/p/android/issues/detail?id=13117#c14

 

Warning! This omits SSL * certificate validation on every device, use with caution */ public class MastalabSSLSocketFactory extends com.loopj.android.http.MySSLSocketFactory { private final SSLContext sslContext = SSLContext.getInstance("TLS"); /** * Creates a new SSL Socket Factory with the given KeyStore. * * @param truststore A KeyStore to create the SSL Socket Factory in context of * @throws NoSuchAlgorithmException NoSuchAlgorithmException * @throws KeyManagementException KeyManagementException * @throws KeyStoreException KeyStoreException * @throws UnrecoverableKeyException UnrecoverableKeyException */ public MastalabSSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(truststore); X509TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; sslContext.init(null, new TrustManager[]{tm}, null); } @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException { return enableTLSOnSocket(sslContext.getSocketFactory().createSocket(socket, host, port, autoClose)); } @Override public Socket createSocket() throws IOException { return enableTLSOnSocket(sslContext.getSocketFactory().createSocket()); } private Socket enableTLSOnSocket(Socket socket) { if(socket != null && (socket instanceof SSLSocket)) { ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"}); } return socket; } }