由于Android 5.0棒棒糖我无法通过SSL或使用TLSv1通信服务器(X509TrustManager) [英] Since Android Lollipop 5.0 I am not able to communicate to server (X509TrustManager) via SSL or TLSv1
问题描述
我希望有人能帮助我在这里。由于Android 5.0棒棒糖我无法通过SSL通信服务器(X509TrustManager)。
这似乎是应用程序是一个无限循环试图建立握手进入。这里是我的code:
I hope someone can help me here. Since Android Lollipop 5.0 I am not able to communicate to server (X509TrustManager) via SSL. It seems like the app is entering in a infinity loop trying to establish handshake. Here is my code:
SSLContext sc;
SSLSocket sslsock;
Socket sock;
// Constructor
RfbProto(String h, int p) throws IOException{
host = h;
port = p;
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType){}
public void checkServerTrusted(X509Certificate[] certs, String authType){}
}
};
try {
sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (Exception e) { }
sock = new Socket();
sock.connect(new InetSocketAddress(host, port), 5000);
sock.setSoTimeout(10000);
SSLSocketFactory factory = (SSLSocketFactory)sc.getSocketFactory();
sslsock = (SSLSocket)factory.createSocket(sock, null, 0, false);
is = new DataInputStream(new BufferedInputStream(sock.getInputStream(), 16384));
os = sock.getOutputStream();
timing = false;
timeWaitedIn100us = 5;
timedKbits = 0;
}
public void enableSSL() throws IOException{
this.sslEnabled = true;
final SSLSocket fSock = sslsock;
sslsock.addHandshakeCompletedListener(new HandshakeCompletedListener() {
@Override
public void handshakeCompleted(HandshakeCompletedEvent event) {
try {
Certificate[] peerCertificates = event.getPeerCertificates();
if (peerCertificates.length > 0) {
serverCertificate = (X509Certificate)peerCertificates[0];
}
is = new DataInputStream(new BufferedInputStream(fSock.getInputStream(), 16384));
os = fSock.getOutputStream();
} catch (SSLPeerUnverifiedException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
});
try {
fSock.startHandshake();
} catch (IOException e) {
e.printStackTrace();
}
}
纵观的是Android 5.0的更改,也有一些变化在TLS / SSL默认配置,但我不知道从哪里开始。
任何帮助将是AP preciated
Looking at the Android 5.0 changes, there are some changes at the TLS/SSL default configuration, but I'm not sure where to start. Any help would be appreciated
推荐答案
特里出强制使用TLSv1 handhsake。自去年yeat SSL年底被假定为弱势(狮子狗),并在大量的服务器应用程序被禁用(例如,所有的支付组织,如签证/万事达卡)。
Trie out to force TLSv1 handhsake. Since end of last yeat SSL is assumed as vulnerable (POODLE) and in a lots of servers apps was disabled (eg, all payment organisations like Visa / MasterCard).
这篇关于由于Android 5.0棒棒糖我无法通过SSL或使用TLSv1通信服务器(X509TrustManager)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!