我有一个使用webview的android应用程序,并使用网络安全配置XML文件固定了SSL证书。
我无法连接到相应的服务器,因为该服务器只配置了TLS 1.2和1.3,而我的应用发送的是TLS 1.1请求。

有什么方法可以启用TLS 1.2,或者有其他解决办法吗?

....
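// Pin the server's public key for this host. The hash shown here is too short to be a real
// SHA-256 pin and looks like a placeholder from the post. NOTE(review): a deployed pin set
// normally also lists a backup pin so that a certificate rotation does not lock the app out.
CertificatePinner certificatePinner = new CertificatePinner.Builder()
            .add("abc.xyz.com", "sha256/AAAAABBBBBCCCCCC=")
            .build();
    try {
        // The custom socket factory controls which TLS protocol versions are offered; the
        // pinner is applied on top of normal chain validation by the factory's trust manager.
        tlsSocketFactory = new TLSSocketFactory();
        okHttp = new OkHttpClient.Builder()
                .sslSocketFactory(tlsSocketFactory, tlsSocketFactory.getTrustManager())
                .certificatePinner(certificatePinner)
                .build();
    } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) {
        // Fail fast: the original only printed the stack trace and carried on, leaving okHttp
        // unassigned so the first intercepted request would fail far from the real cause.
        throw new IllegalStateException("Unable to build the pinned TLS client", e);
    }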
    mWebView.setWebViewClient(new WebViewClient() {


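        /**
         * Loads each http(s) resource through the {@code okHttp} client instead of WebView's
         * own network stack, so the client's TLS settings and certificate pin apply.
         *
         * <p>NOTE(review): the request is rebuilt from the URL alone, so the method and
         * headers of the original {@link WebResourceRequest} are not copied; every load is
         * re-issued as a plain GET.
         *
         * @param view    the WebView issuing the request
         * @param request the resource request being intercepted
         * @return the response fetched through {@code okHttp}; an empty response when the
         *         fetch fails; {@code null} (WebView handles it) for non-http(s) URLs
         */
        @Override
        public WebResourceResponse shouldInterceptRequest(WebView view, WebResourceRequest request) {

            // OkHttp only accepts http/https URLs; let WebView handle data:, blob:, file: etc.
            String scheme = request.getUrl().getScheme();
            if (!"http".equalsIgnoreCase(scheme) && !"https".equalsIgnoreCase(scheme)) {
                return null;
            }

            String url = request.getUrl().toString();
            Request okHttpRequest = new Request.Builder().url(url).build();
            try {
                Response response = okHttp.newCall(okHttpRequest).execute();

                // WebResourceResponse wants the bare MIME type and the charset as separate
                // arguments. Passing the whole header (e.g. "text/html; charset=UTF-8") as the
                // MIME type is presumably why the page was shown as raw text.
                String contentType = response.header("content-type");
                String mimeType = contentType;
                String encoding = "";
                if (contentType != null) {
                    String[] parts = contentType.split(";", -1);
                    mimeType = parts[0].trim();
                    for (int i = 1; i < parts.length; i++) {
                        String param = parts[i].trim();
                        if (param.regionMatches(true, 0, "charset=", 0, 8)) {
                            encoding = param.substring(8).replace("\"", "").trim();
                        }
                    }
                }
                return new WebResourceResponse(mimeType, encoding, response.body().byteStream());
            } catch (IOException e) {
                e.printStackTrace();
            }
            // Fail closed. A pin mismatch or TLS failure surfaces here as an IOException, and
            // returning null would make WebView fetch the URL itself, outside the pinned client.
            return new WebResourceResponse("text/plain", "UTF-8",
                    new java.io.ByteArrayInputStream(new byte[0]));
        }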

......


添加以上代码后,得到的却是纯JSP文本。

最佳答案

您是否尝试过通过配置OkHttp客户端来启用TLS 1.2?如果没有,请按照以下步骤操作:

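 // Build a WebViewClient that fetches every resource through OkHttp with the custom
 // TLSSocketFactory, so the TLS protocol versions are chosen by the app.
 WebViewClient client = null;
    try {
        client = new WebViewClient() {
            TLSSocketFactory tlsSocketFactory = new TLSSocketFactory();
            // NOTE(review): this builder has no certificatePinner(...), so requests routed
            // through it are checked only against the platform's default trust store. If the
            // app relies on pinning, add the pinner here too.
            private OkHttpClient okHttp = new OkHttpClient.Builder()
                    .sslSocketFactory(tlsSocketFactory, tlsSocketFactory.getTrustManager())
                    .build();

            @Override
            public WebResourceResponse shouldInterceptRequest(WebView view, String url) {
                Request okHttpRequest = new Request.Builder().url(url).build();
                try {
                    Response response = okHttp.newCall(okHttpRequest).execute();

                    // WebResourceResponse takes (mimeType, encoding, data); split the
                    // Content-Type header into its bare MIME type and charset parameter.
                    String contentType = response.header("content-type");
                    String mimeType = contentType;
                    String encoding = "";
                    if (contentType != null) {
                        String[] parts = contentType.split(";", -1);
                        mimeType = parts[0].trim();
                        for (int i = 1; i < parts.length; i++) {
                            String param = parts[i].trim();
                            if (param.regionMatches(true, 0, "charset=", 0, 8)) {
                                encoding = param.substring(8).replace("\"", "").trim();
                            }
                        }
                    }
                    return new WebResourceResponse(mimeType, encoding, response.body().byteStream());
                } catch (IOException e) {
                    e.printStackTrace();
                }
                // null hands the request back to WebView's own network stack.
                return null;
            }
        };
    } catch (Exception e) {
        // Thrown by the TLSSocketFactory constructor; client stays null in that case.
        e.printStackTrace();
    }
    webView.setWebViewClient(client);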


现在创建一个新的TLSSocketFactory.java文件,如下所示

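/**
 * {@link SSLSocketFactory} wrapper that limits every socket it creates to TLS 1.2 and,
 * where the platform supports it, TLS 1.3.
 *
 * <p>Socket creation is delegated to a factory from a standard {@code "TLS"}
 * {@link SSLContext} initialised with the platform's default trust managers, so certificate
 * validation is unchanged; only the enabled protocol versions differ. TLS 1.1 is not
 * enabled: it is deprecated, and a server that accepts only TLS 1.2 and 1.3 never
 * negotiates it.
 */
public class TLSSocketFactory extends SSLSocketFactory {

    /** Protocol versions to enable; filtered against what each socket actually supports. */
    private static final String[] PREFERRED_PROTOCOLS = {"TLSv1.3", "TLSv1.2"};

    private final SSLSocketFactory delegate;
    private final TrustManager[] trustManagers;

    /**
     * Creates the factory on top of the platform default trust store.
     *
     * @throws KeyStoreException        if the default trust store cannot be loaded
     * @throws KeyManagementException   if the SSL context cannot be initialised
     * @throws NoSuchAlgorithmException if the TLS context or trust manager algorithm is missing
     * @throws IllegalStateException    if the platform does not supply exactly one
     *                                  {@link X509TrustManager}
     */
    public TLSSocketFactory() throws KeyStoreException, KeyManagementException, NoSuchAlgorithmException {
        trustManagers = generateTrustManagers();
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, trustManagers, null);
        delegate = context.getSocketFactory();
    }

    /** Loads the default trust managers and checks that there is a single X.509 one. */
    private static TrustManager[] generateTrustManagers() throws KeyStoreException, NoSuchAlgorithmException {
        TrustManagerFactory trustManagerFactory =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        // A null KeyStore selects the platform's default set of trusted CAs.
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] managers = trustManagerFactory.getTrustManagers();

        if (managers.length != 1 || !(managers[0] instanceof X509TrustManager)) {
            throw new IllegalStateException("Unexpected default trust managers:"
                    + Arrays.toString(managers));
        }
        return managers;
    }

    @Override
    public String[] getDefaultCipherSuites() {
        return delegate.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return delegate.getSupportedCipherSuites();
    }

    @Override
    public Socket createSocket() throws IOException {
        return enableTLSOnSocket(delegate.createSocket());
    }

    @Override
    public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
        return enableTLSOnSocket(delegate.createSocket(s, host, port, autoClose));
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
        return enableTLSOnSocket(delegate.createSocket(host, port));
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
        return enableTLSOnSocket(delegate.createSocket(host, port, localHost, localPort));
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        return enableTLSOnSocket(delegate.createSocket(host, port));
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
        return enableTLSOnSocket(delegate.createSocket(address, port, localAddress, localPort));
    }

    /**
     * Restricts an {@link SSLSocket} to the preferred protocol versions it supports.
     * Sockets of any other type are returned untouched.
     *
     * @throws IOException if the socket supports none of the preferred versions; the
     *                     socket is closed first so no older protocol can be negotiated
     */
    private Socket enableTLSOnSocket(Socket socket) throws IOException {
        if (socket instanceof SSLSocket) {
            SSLSocket sslSocket = (SSLSocket) socket;
            String[] supported = sslSocket.getSupportedProtocols();

            // setEnabledProtocols rejects names the socket does not support, so keep only
            // the preferred versions that are actually available (TLS 1.3 may be absent).
            String[] enabled = new String[PREFERRED_PROTOCOLS.length];
            int count = 0;
            for (String wanted : PREFERRED_PROTOCOLS) {
                for (String candidate : supported) {
                    if (wanted.equals(candidate)) {
                        enabled[count++] = wanted;
                        break;
                    }
                }
            }
            if (count == 0) {
                socket.close();
                throw new IOException("No supported TLS version among "
                        + Arrays.toString(PREFERRED_PROTOCOLS));
            }
            sslSocket.setEnabledProtocols(Arrays.copyOf(enabled, count));
        }
        return socket;
    }

    /**
     * Returns the trust manager backing this factory, for APIs that need it alongside the
     * factory. Never {@code null}: the constructor fails unless exactly one
     * {@link X509TrustManager} is available.
     */
    public X509TrustManager getTrustManager() {
        return (X509TrustManager) trustManagers[0];
    }
}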

07-26 05:12