1. 首頁
  2. 問答
  3. Android 4.4支持SHA256密碼嗎?

Android 4.4支持SHA256密碼嗎?

2017-04-03 92 views
2

我正在運行Android 4.4(API級別19)的設備上工作。但是我需要開發一個連接到服務器的應用程序只支持TLSv1.2和SHA256的密碼。我嘗試使用舊版apache庫和更新後的apache 4.4.1.2(cz.msebera.android)創建SSL上下文。創建上下文並獲得支持的密碼後,它們都不包含SHA256。該程序在其他Android 5.0+設備上運行良好。Android 4.4支持SHA256密碼嗎?

我的問題是,我可以在Android 4.4設備上以任何方式支持TLSv1.2和密碼SHA256?

謝謝。

來源

2017-04-03 sing lam

回答

0

最後,我通過創建我自己的SSL工廠來解決問題:

package com.bbpos.www.payment_gp.webservice; 

public class NoSSLv3SocketFactory extends SSLSocketFactory { 
private final SSLSocketFactory delegate; 

public NoSSLv3SocketFactory() { 
    this.delegate = HttpsURLConnection.getDefaultSSLSocketFactory(); 
} 

public NoSSLv3SocketFactory(SSLSocketFactory delegate) { 
    this.delegate = delegate; 
} 

@Override 
public String[] getDefaultCipherSuites() { 
    return delegate.getDefaultCipherSuites(); 
} 

@Override 
public String[] getSupportedCipherSuites() { 
    return delegate.getSupportedCipherSuites(); 
} 

private Socket makeSocketSafe(Socket socket) { 
    if (socket instanceof SSLSocket) { 
     String[] protocols = { 
       "TLSv1.1", 
       "TLSv1.2" 
     }; 
     ((SSLSocket) socket).setEnabledProtocols(protocols); 
    } 
    return socket; 
} 

@Override 
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException { 
    return makeSocketSafe(delegate.createSocket(s, host, port, autoClose)); 
} 

@Override 
public Socket createSocket(String host, int port) throws IOException { 
    return makeSocketSafe(delegate.createSocket(host, port)); 
} 

@Override 
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException { 
    return makeSocketSafe(delegate.createSocket(host, port, localHost, localPort)); 
} 

@Override 
public Socket createSocket(InetAddress host, int port) throws IOException { 
    return makeSocketSafe(delegate.createSocket(host, port)); 
} 

@Override 
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException { 
    return makeSocketSafe(delegate.createSocket(address, port, localAddress, localPort)); 
} 

}

然後在程序開始時初始化工廠:

TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() { 

     public java.security.cert.X509Certificate[] getAcceptedIssuers() { 
      return new java.security.cert.X509Certificate[0]; 
     } 

     public void checkClientTrusted(java.security.cert.X509Certificate[] certs, 
             String authType) { 
     } 

     public void checkServerTrusted(java.security.cert.X509Certificate[] certs, 
             String authType) { 
     } 
    }}; 
    try { 
     SSLContext sc; 
     sc = SSLContext.getInstance("TLS"); 
     sc.init(null, trustAllCerts, new java.security.SecureRandom()); 
     SSLSocketFactory NoSSLv3Factory = new NoSSLv3SocketFactory(sc.getSocketFactory()); 
     HttpsURLConnection 
       .setDefaultSSLSocketFactory(NoSSLv3Factory); 
     HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { 
      @Override 
      public boolean verify(String hostname, SSLSession session) { 
       return true; 
      } 
     }); 

    } catch (Exception e) 
    { 

    }

來源

2017-08-15 00:59:22

+0

這是如何解決您的問題?你所做的只是啓用TLS 1.1&1.2,但是你將'get * CipherSuites()'委派給一個默認的SSL套接字工廠,它仍然只返回SHA1密碼,這是你原來的問題 – Hilikus

相關問題

 相關問題