This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ wget http://bouncycastle.org/download/bcprov-jdk16-146.jar | |
$ keytool -importcert -file your_signing_certificate.pem -keystore yourapp.store -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-146.jar -storetype BKS |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
private InputStream makeRequest(Context context, URL url) { | |
AssetManager assetManager = context.getAssets(); | |
InputStream keyStoreInputStream = assetManager.open("yourapp.store"); | |
KeyStore trustStore = KeyStore.getInstance("BKS"); | |
trustStore.load(keyStoreInputStream, "somepass".toCharArray()); | |
TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509"); | |
tmf.init(trustStore); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
private Socket constructSSLSocket(Context context, String host, int port) { | |
AssetManager assetManager = context.getAssets(); | |
InputStream keyStoreInputStream = assetManager.open("yourapp.store"); | |
KeyStore trustStore = KeyStore.getInstance("BKS"); | |
trustStore.load(keyStoreInputStream, "somepass".toCharArray()); | |
SSLSocketFactory sslSocketFactory = new SSLSocketFactory(trustStore); | |
sslSocketFactory.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ git clone https://github.com/moxie0/AndroidPinning.git | |
$ cd AndroidPinning | |
$ python ./pin.py /path/to/cacert.pem |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
TrustManager[] trustManagers = new TrustManager[1]; | |
trustManagers[0] = new PinningTrustManager(new String[] {"f30012bbc18c231ac1a44b788e410ce754182513"}); | |
SSLContext sslContext = SSLContext.getInstance("TLS"); | |
sslContext.init(null, trustManagers, null); | |
HttpsURLConnection urlConnection = (HttpsURLConnection)new URL("https://encrypted.google.com/").openConnection(); | |
urlConnection.setSSLSocketFactory(sslContext.getSocketFactory()); | |
InputStream in = urlConnection.getInputStream(); |