View gist:1398995
TrustManager[] trustManagers = new TrustManager[1]; | |
trustManagers[0] = new PinningTrustManager(new String[] {"f30012bbc18c231ac1a44b788e410ce754182513"}); | |
SSLContext sslContext = SSLContext.getInstance("TLS"); | |
sslContext.init(null, trustManagers, null); | |
HttpsURLConnection urlConnection = (HttpsURLConnection)new URL("https://encrypted.google.com/").openConnection(); | |
urlConnection.setSSLSocketFactory(sslContext.getSocketFactory()); | |
InputStream in = urlConnection.getInputStream(); |
View gist:1398993
$ git clone https://github.com/moxie0/AndroidPinning.git | |
$ cd AndroidPinning | |
$ python ./pin.py /path/to/cacert.pem |
View gist:1398990
private Socket constructSSLSocket(Context context, String host, int port) { | |
AssetManager assetManager = context.getAssets(); | |
InputStream keyStoreInputStream = assetManager.open("yourapp.store"); | |
KeyStore trustStore = KeyStore.getInstance("BKS"); | |
trustStore.load(keyStoreInputStream, "somepass".toCharArray()); | |
SSLSocketFactory sslSocketFactory = new SSLSocketFactory(trustStore); | |
sslSocketFactory.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER); | |
View gist:1398985
private InputStream makeRequest(Context context, URL url) { | |
AssetManager assetManager = context.getAssets(); | |
InputStream keyStoreInputStream = assetManager.open("yourapp.store"); | |
KeyStore trustStore = KeyStore.getInstance("BKS"); | |
trustStore.load(keyStoreInputStream, "somepass".toCharArray()); | |
TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509"); | |
tmf.init(trustStore); |
View gist:1398973
$ wget http://bouncycastle.org/download/bcprov-jdk16-146.jar | |
$ keytool -importcert -file your_signing_certificate.pem -keystore yourapp.store -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov-jdk16-146.jar -storetype BKS |