Skip to content

Instantly share code, notes, and snippets.

@Danesz
Forked from Kishanjvaghela/TLSSocketFactory.java
Created March 6, 2017 08:09
Show Gist options
  • Save Danesz/0bc5c4d9b060abdf6be9d3d45efc3dfc to your computer and use it in GitHub Desktop.
Save Danesz/0bc5c4d9b060abdf6be9d3d45efc3dfc to your computer and use it in GitHub Desktop.
Custom SSLSocketFactory Implementation to enable tls 1.1 and tls 1.2 for android 4.1 (16+)
package net.cogindo.ssl;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
/**
* @author fkrauthan
*/
public class TLSSocketFactory extends SSLSocketFactory {
private SSLSocketFactory internalSSLSocketFactory;
public TLSSocketFactory() throws KeyManagementException, NoSuchAlgorithmException {
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, null, null);
internalSSLSocketFactory = context.getSocketFactory();
}
@Override
public String[] getDefaultCipherSuites() {
return internalSSLSocketFactory.getDefaultCipherSuites();
}
@Override
public String[] getSupportedCipherSuites() {
return internalSSLSocketFactory.getSupportedCipherSuites();
}
@Override
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(s, host, port, autoClose));
}
@Override
public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
}
@Override
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port, localHost, localPort));
}
@Override
public Socket createSocket(InetAddress host, int port) throws IOException {
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
}
@Override
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
return enableTLSOnSocket(internalSSLSocketFactory.createSocket(address, port, localAddress, localPort));
}
private Socket enableTLSOnSocket(Socket socket) {
if(socket != null && (socket instanceof SSLSocket)) {
((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});
}
return socket;
}
}
private void setUpAdapter() {
OkHttpClient.Builder builder = new OkHttpClient.Builder();
try {
X509TrustManager trustManager = getTrustManager();
if (trustManager != null) {
TLSSocketFactory socketFactory = new TLSSocketFactory();
builder.sslSocketFactory(socketFactory, getTrustManager());
}
} catch (KeyManagementException | IllegalStateException | NoSuchAlgorithmException e) {
e.printStackTrace();
}
OkHttpClient okHttpClient = builder.build();
}
private static X509TrustManager getTrustManager() {
TrustManagerFactory trustManagerFactory = null;
try {
trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
//throw new IllegalStateException(
// "Unexpected default trust managers:" + Arrays.toString(trustManagers));
return null;
}
return (X509TrustManager) trustManagers[0];
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
return null;
} catch (KeyStoreException e) {
e.printStackTrace();
return null;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment