app: trust all HTTPS connection

hariimurti · Jul 8, 2021 · 1ce2944 · 1ce2944
1 parent e4f989a
commit 1ce2944
Show file tree

Hide file tree

Showing 4 changed files with 78 additions and 22 deletions.
diff --git a/app/src/main/java/net/harimurti/tv/MainActivity.java b/app/src/main/java/net/harimurti/tv/MainActivity.java
@@ -92,13 +92,12 @@ protected void onCreate(Bundle savedInstanceState) {
         btnReload.setOnClickListener(view -> queueRequest(reqPlaylist));
 
         // volley library
-        BaseHttpStack stack = new HurlStack();
-        if (Build.VERSION.SDK_INT == VERSION_CODES.KITKAT) {
-            try {
-                stack = new HurlStack(null, new TLSSocketFactory());
-            } catch (KeyManagementException | NoSuchAlgorithmException e) {
-                Log.e("Volley", "Could not create new stack for TLS v1.2!", e);
-            }
+        BaseHttpStack stack;
+        try {
+            stack = new HurlStack(null, new TLSSocketFactory());
+        } catch (KeyManagementException | NoSuchAlgorithmException e) {
+            stack = new HurlStack();
+            Log.e("Main", "Could not create new stack for TLS connection!", e);
         }
         request = Volley.newRequestQueue(this, stack);
         reqPlaylist = new StringRequest(Request.Method.GET,

diff --git a/app/src/main/java/net/harimurti/tv/PlayerActivity.java b/app/src/main/java/net/harimurti/tv/PlayerActivity.java
@@ -26,7 +26,10 @@
 import net.harimurti.tv.extra.JsonPlaylist;
 import net.harimurti.tv.extra.Network;
 import net.harimurti.tv.extra.Preferences;
+import net.harimurti.tv.extra.TLSSocketFactory;
 
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
 import java.util.Objects;
 
 public class PlayerActivity extends AppCompatActivity {
@@ -46,6 +49,13 @@ protected void onCreate(Bundle savedInstanceState) {
         isFirst = false;
         Preferences preferences = new Preferences(this);
 
+        // trust all https connection
+        try {
+            new TLSSocketFactory().trustAllHttps();
+        } catch (KeyManagementException | NoSuchAlgorithmException e) {
+            Log.e("Player", "Could not trust all HTTPS connection!", e);
+        }
+
         // define some view
         layoutStatus = findViewById(R.id.layout_status);
         layoutSpin = findViewById(R.id.layout_spin);

diff --git a/app/src/main/java/net/harimurti/tv/extra/HttpsTrustManager.java b/app/src/main/java/net/harimurti/tv/extra/HttpsTrustManager.java
@@ -0,0 +1,33 @@
+package net.harimurti.tv.extra;
+
+import android.annotation.SuppressLint;
+
+import java.security.cert.X509Certificate;
+import javax.net.ssl.X509TrustManager;
+
+public class HttpsTrustManager implements X509TrustManager {
+
+    private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[] { };
+
+    @SuppressLint("TrustAllX509TrustManager")
+    @Override
+    public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) { }
+
+    @SuppressLint("TrustAllX509TrustManager")
+    @Override
+    public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) { }
+
+    public boolean isClientTrusted(X509Certificate[] chain) {
+        return true;
+    }
+
+    public boolean isServerTrusted(X509Certificate[] chain) {
+        return true;
+    }
+
+    @Override
+    public X509Certificate[] getAcceptedIssuers() {
+        return _AcceptedIssuers;
+    }
+
+}
diff --git a/app/src/main/java/net/harimurti/tv/extra/TLSSocketFactory.java b/app/src/main/java/net/harimurti/tv/extra/TLSSocketFactory.java
@@ -3,62 +3,76 @@
 import java.io.IOException;
 import java.net.InetAddress;
 import java.net.Socket;
-import java.net.UnknownHostException;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 
+import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocket;
 import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
 
 public class TLSSocketFactory extends SSLSocketFactory {
 
-    private SSLSocketFactory internalSSLSocketFactory;
+    private static TrustManager[] trustManagers;
+    private final SSLSocketFactory factory;
 
     public TLSSocketFactory() throws KeyManagementException, NoSuchAlgorithmException {
-        SSLContext context = SSLContext.getInstance("TLS");
-        context.init(null, null, null);
-        internalSSLSocketFactory = context.getSocketFactory();
+        if (trustManagers == null) {
+            trustManagers = new TrustManager[] {
+                    new HttpsTrustManager()
+            };
+        }
+
+        SSLContext sslContext = SSLContext.getInstance("TLS");
+        sslContext.init(null, trustManagers, new SecureRandom());
+        factory = sslContext.getSocketFactory();
+    }
+
+    public void trustAllHttps() {
+        HttpsURLConnection.setDefaultHostnameVerifier((arg0, arg1) -> true);
+        HttpsURLConnection.setDefaultSSLSocketFactory(factory);
     }
 
     @Override
     public String[] getDefaultCipherSuites() {
-        return internalSSLSocketFactory.getDefaultCipherSuites();
+        return factory.getDefaultCipherSuites();
     }
 
     @Override
     public String[] getSupportedCipherSuites() {
-        return internalSSLSocketFactory.getSupportedCipherSuites();
+        return factory.getSupportedCipherSuites();
     }
 
     @Override
     public Socket createSocket() throws IOException {
-        return enableTLSOnSocket(internalSSLSocketFactory.createSocket());
+        return enableTLSOnSocket(factory.createSocket());
     }
 
     @Override
     public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
-        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(s, host, port, autoClose));
+        return enableTLSOnSocket(factory.createSocket(s, host, port, autoClose));
     }
 
     @Override
-    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
-        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
+    public Socket createSocket(String host, int port) throws IOException {
+        return enableTLSOnSocket(factory.createSocket(host, port));
     }
 
     @Override
-    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
-        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port, localHost, localPort));
+    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {
+        return enableTLSOnSocket(factory.createSocket(host, port, localHost, localPort));
     }
 
     @Override
     public Socket createSocket(InetAddress host, int port) throws IOException {
-        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
+        return enableTLSOnSocket(factory.createSocket(host, port));
     }
 
     @Override
     public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
-        return enableTLSOnSocket(internalSSLSocketFactory.createSocket(address, port, localAddress, localPort));
+        return enableTLSOnSocket(factory.createSocket(address, port, localAddress, localPort));
     }
 
     private Socket enableTLSOnSocket(Socket socket) {