1. 首页
  2. 问答
  3. Android 4.4支持SHA256密码吗?

Android 4.4支持SHA256密码吗?

2017-04-03 58 views
2

我正在运行Android 4.4(API级别19)的设备上工作。但是我需要开发一个连接到服务器的应用程序只支持TLSv1.2和SHA256的密码。我尝试使用旧版apache库和更新后的apache 4.4.1.2(cz.msebera.android)创建SSL上下文。创建上下文并获得支持的密码后,它们都不包含SHA256。该程序在其他Android 5.0+设备上运行良好。Android 4.4支持SHA256密码吗?

我的问题是,我可以在Android 4.4设备上以任何方式支持TLSv1.2和密码SHA256?

谢谢。

来源

2017-04-03 sing lam

回答

0

最后,我通过创建我自己的SSL工厂来解决问题:

package com.bbpos.www.payment_gp.webservice; 

public class NoSSLv3SocketFactory extends SSLSocketFactory { 
private final SSLSocketFactory delegate; 

public NoSSLv3SocketFactory() { 
    this.delegate = HttpsURLConnection.getDefaultSSLSocketFactory(); 
} 

public NoSSLv3SocketFactory(SSLSocketFactory delegate) { 
    this.delegate = delegate; 
} 

@Override 
public String[] getDefaultCipherSuites() { 
    return delegate.getDefaultCipherSuites(); 
} 

@Override 
public String[] getSupportedCipherSuites() { 
    return delegate.getSupportedCipherSuites(); 
} 

private Socket makeSocketSafe(Socket socket) { 
    if (socket instanceof SSLSocket) { 
     String[] protocols = { 
       "TLSv1.1", 
       "TLSv1.2" 
     }; 
     ((SSLSocket) socket).setEnabledProtocols(protocols); 
    } 
    return socket; 
} 

@Override 
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException { 
    return makeSocketSafe(delegate.createSocket(s, host, port, autoClose)); 
} 

@Override 
public Socket createSocket(String host, int port) throws IOException { 
    return makeSocketSafe(delegate.createSocket(host, port)); 
} 

@Override 
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException { 
    return makeSocketSafe(delegate.createSocket(host, port, localHost, localPort)); 
} 

@Override 
public Socket createSocket(InetAddress host, int port) throws IOException { 
    return makeSocketSafe(delegate.createSocket(host, port)); 
} 

@Override 
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException { 
    return makeSocketSafe(delegate.createSocket(address, port, localAddress, localPort)); 
} 

}

然后在程序开始时初始化工厂:

TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() { 

     public java.security.cert.X509Certificate[] getAcceptedIssuers() { 
      return new java.security.cert.X509Certificate[0]; 
     } 

     public void checkClientTrusted(java.security.cert.X509Certificate[] certs, 
             String authType) { 
     } 

     public void checkServerTrusted(java.security.cert.X509Certificate[] certs, 
             String authType) { 
     } 
    }}; 
    try { 
     SSLContext sc; 
     sc = SSLContext.getInstance("TLS"); 
     sc.init(null, trustAllCerts, new java.security.SecureRandom()); 
     SSLSocketFactory NoSSLv3Factory = new NoSSLv3SocketFactory(sc.getSocketFactory()); 
     HttpsURLConnection 
       .setDefaultSSLSocketFactory(NoSSLv3Factory); 
     HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { 
      @Override 
      public boolean verify(String hostname, SSLSession session) { 
       return true; 
      } 
     }); 

    } catch (Exception e) 
    { 

    }

来源

2017-08-15 00:59:22

+0

这是如何解决您的问题?你所做的只是启用TLS 1.1&1.2,但是你将'get * CipherSuites()'委派给一个默认的SSL套接字工厂,它仍然只返回SHA1密码,这是你原来的问题 – Hilikus

相关问题

 相关问题