Skip to content

Instantly share code, notes, and snippets.

Avatar

Moxie Marlinspike moxie0

View GitHub Profile
View gist:1398985
private InputStream makeRequest(Context context, URL url) {
AssetManager assetManager = context.getAssets();
InputStream keyStoreInputStream = assetManager.open("yourapp.store");
KeyStore trustStore = KeyStore.getInstance("BKS");
trustStore.load(keyStoreInputStream, "somepass".toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
tmf.init(trustStore);
View gist:1398993
$ git clone https://github.com/moxie0/AndroidPinning.git
$ cd AndroidPinning
$ python ./pin.py /path/to/cacert.pem
View gist:1398973
$ wget http://bouncycastle.org/download/bcprov-jdk16-146.jar
$ keytool -importcert -file your_signing_certificate.pem -keystore yourapp.store -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-146.jar -storetype BKS
View gist:1398990
private Socket constructSSLSocket(Context context, String host, int port) {
AssetManager assetManager = context.getAssets();
InputStream keyStoreInputStream = assetManager.open("yourapp.store");
KeyStore trustStore = KeyStore.getInstance("BKS");
trustStore.load(keyStoreInputStream, "somepass".toCharArray());
SSLSocketFactory sslSocketFactory = new SSLSocketFactory(trustStore);
sslSocketFactory.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
View gist:1398995
TrustManager[] trustManagers = new TrustManager[1];
trustManagers[0] = new PinningTrustManager(new String[] {"f30012bbc18c231ac1a44b788e410ce754182513"});
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustManagers, null);
HttpsURLConnection urlConnection = (HttpsURLConnection)new URL("https://encrypted.google.com/").openConnection();
urlConnection.setSSLSocketFactory(sslContext.getSocketFactory());
InputStream in = urlConnection.getInputStream();
You can’t perform that action at this time.