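Can Android 4.4 support SHA256 ciphers?

Time: 2017-04-03 01:14:45

Tags: android ssl encryption sha256

I am developing for a device running Android 4.4 (API level 19). However, I need to develop an app that connects to a server which only supports TLSv1.2 and SHA256 ciphers. I tried creating the SSL context using the legacy Apache library and the newer Apache 4.4.1.2 (cz.msebera.android). After creating the context and getting the supported ciphers, none of them contain SHA256. The program runs fine on other Android 5.0+ devices.

My question is: can I support TLSv1.2 and SHA256 ciphers on an Android 4.4 device?

Thanks.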

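2 answers:

Answer 0 (score: 1)

...running Android 4.4 (API level 19)

According to the documentation of SSLSocket, any cipher using SHA-256 as HMAC is only available from API level 20 onward.

Answer 1 (score: 0)

In the end, I solved this by creating my own SSL factory: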

    package com.bbpos.www.payment_gp.webservice;

    import java.io.IOException;
    import java.net.InetAddress;
    import java.net.Socket;

    import javax.net.ssl.HttpsURLConnection;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.SSLSocketFactory;

    // Wraps another SSLSocketFactory and restricts every socket it creates
    // to the TLSv1.1 and TLSv1.2 protocols.
    public class NoSSLv3SocketFactory extends SSLSocketFactory {
        private final SSLSocketFactory delegate;

        public NoSSLv3SocketFactory() {
            this.delegate = HttpsURLConnection.getDefaultSSLSocketFactory();
        }

        public NoSSLv3SocketFactory(SSLSocketFactory delegate) {
            this.delegate = delegate;
        }

        @Override
        public String[] getDefaultCipherSuites() {
            return delegate.getDefaultCipherSuites();
        }

        @Override
        public String[] getSupportedCipherSuites() {
            return delegate.getSupportedCipherSuites();
        }

        // Overrides the enabled protocol list on sockets produced by the delegate.
        private Socket makeSocketSafe(Socket socket) {
            if (socket instanceof SSLSocket) {
                String[] protocols = {
                        "TLSv1.1",
                        "TLSv1.2"
                };
                ((SSLSocket) socket).setEnabledProtocols(protocols);
            }
            return socket;
        }

        @Override
        public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
            return makeSocketSafe(delegate.createSocket(s, host, port, autoClose));
        }

        @Override
        public Socket createSocket(String host, int port) throws IOException {
            return makeSocketSafe(delegate.createSocket(host, port));
        }

        @Override
        public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {
            return makeSocketSafe(delegate.createSocket(host, port, localHost, localPort));
        }

        @Override
        public Socket createSocket(InetAddress host, int port) throws IOException {
            return makeSocketSafe(delegate.createSocket(host, port));
        }

        @Override
        public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
            return makeSocketSafe(delegate.createSocket(address, port, localAddress, localPort));
        }
    }

Then initialize the factory at the start of the program:

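    import javax.net.ssl.HostnameVerifier;
    import javax.net.ssl.HttpsURLConnection;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLSession;
    import javax.net.ssl.SSLSocketFactory;
    import javax.net.ssl.TrustManager;
    import javax.net.ssl.X509TrustManager;

    // This trust manager accepts every certificate chain: both check methods
    // return without validating anything.
    TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {

        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return new java.security.cert.X509Certificate[0];
        }

        public void checkClientTrusted(java.security.cert.X509Certificate[] certs,
                                       String authType) {
        }

        public void checkServerTrusted(java.security.cert.X509Certificate[] certs,
                                       String authType) {
        }
    }};
    try {
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        // Route all HttpsURLConnection traffic through the TLSv1.1/TLSv1.2 factory.
        SSLSocketFactory noSSLv3Factory = new NoSSLv3SocketFactory(sc.getSocketFactory());
        HttpsURLConnection.setDefaultSSLSocketFactory(noSSLv3Factory);
        // This verifier accepts any hostname, so the certificate is never
        // matched against the server name.
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        });
    } catch (Exception e) {
        // Any failure during setup is silently ignored here.
    }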
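
A variant of the setup above that keeps the platform's certificate validation, as an added example that is not part of the original answer: it probes an unconnected socket for the SHA256 suites the question looks for and enables TLSv1.1/TLSv1.2 only where the runtime supports them. The class name Tls12Probe and its helper methods are hypothetical.

```java
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;

// Added example; the class and method names are hypothetical.
public final class Tls12Probe {
    // Keep only the wanted protocols this runtime supports: setEnabledProtocols()
    // throws IllegalArgumentException for a name that is not supported.
    static String[] usableProtocols(String[] supported) {
        List<String> have = Arrays.asList(supported);
        List<String> out = new ArrayList<String>();
        for (String p : new String[] {"TLSv1.2", "TLSv1.1"}) {
            if (have.contains(p)) out.add(p);
        }
        return out.toArray(new String[0]);
    }

    // Cipher suites whose name ends in SHA256, the check made in the question.
    static List<String> sha256Suites(String[] suites) {
        List<String> out = new ArrayList<String>();
        for (String s : suites) {
            if (s.endsWith("SHA256")) out.add(s);
        }
        return out;
    }

    public static void main(String[] args) throws GeneralSecurityException, IOException {
        SSLContext sc = SSLContext.getInstance("TLS");
        // null managers select the platform defaults, so server chains are still validated.
        sc.init(null, null, null);
        // Unconnected socket: nothing is sent, it only exposes the runtime's lists.
        SSLSocket probe = (SSLSocket) sc.getSocketFactory().createSocket();
        try {
            String[] protocols = usableProtocols(probe.getSupportedProtocols());
            if (protocols.length == 0) {
                throw new IllegalStateException("runtime supports neither TLSv1.1 nor TLSv1.2");
            }
            probe.setEnabledProtocols(protocols);
            System.out.println("enabled: " + Arrays.toString(probe.getEnabledProtocols()));
            System.out.println("SHA256 suites: " + sha256Suites(probe.getSupportedCipherSuites()));
        } finally {
            probe.close();
        }
    }
}
```

Run on the target device, the second line of output shows whether the runtime offers any SHA256 suite at all, which is the limit the first answer describes.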