diff options
| author | Daniel Gultsch <daniel@gultsch.de> | 2016-02-03 18:17:16 +0100 |
|---|---|---|
| committer | Daniel Gultsch <daniel@gultsch.de> | 2016-02-03 18:17:16 +0100 |
| commit | 7dd9545ea3777972b1d80e59dfc5166dd53cceb0 (patch) | |
| tree | 89dc43c8d8833f263f4da6588a37e38027eb91c9 | |
| parent | 1d572c61d0a55d5ac7a96ccaacd0f3243253757e (diff) | |
use TLSv1.2 as SSL context on supported plattforms
3 files changed, 14 insertions, 2 deletions
diff --git a/src/main/java/eu/siacs/conversations/http/HttpConnectionManager.java b/src/main/java/eu/siacs/conversations/http/HttpConnectionManager.java index 910c43f3..a8b31a7a 100644 --- a/src/main/java/eu/siacs/conversations/http/HttpConnectionManager.java +++ b/src/main/java/eu/siacs/conversations/http/HttpConnectionManager.java @@ -23,6 +23,7 @@ import eu.siacs.conversations.entities.Message; import eu.siacs.conversations.services.AbstractConnectionManager; import eu.siacs.conversations.services.XmppConnectionService; import eu.siacs.conversations.utils.CryptoHelper; +import eu.siacs.conversations.utils.SSLSocketHelper; public class HttpConnectionManager extends AbstractConnectionManager { @@ -76,7 +77,7 @@ public class HttpConnectionManager extends AbstractConnectionManager { new StrictHostnameVerifier()); } try { - final SSLContext sc = SSLContext.getInstance("TLS"); + final SSLContext sc = SSLSocketHelper.getSSLContext(); sc.init(null, new X509TrustManager[]{trustManager}, mXmppConnectionService.getRNG()); diff --git a/src/main/java/eu/siacs/conversations/utils/SSLSocketHelper.java b/src/main/java/eu/siacs/conversations/utils/SSLSocketHelper.java index 49e9a81a..3a8c1c0a 100644 --- a/src/main/java/eu/siacs/conversations/utils/SSLSocketHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/SSLSocketHelper.java @@ -1,11 +1,14 @@ package eu.siacs.conversations.utils; +import android.os.Build; + import java.lang.reflect.Method; import java.security.NoSuchAlgorithmException; import java.util.Arrays; import java.util.Collection; import java.util.LinkedList; +import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; @@ -59,4 +62,12 @@ public class SSLSocketHelper { // ignore any error, we just can't set the alpn protocol... } } + + public static SSLContext getSSLContext() throws NoSuchAlgorithmException { + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) { + return SSLContext.getInstance("TLSv1.2"); + } else { + return SSLContext.getInstance("TLS"); + } + } } diff --git a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java index c911f654..8b7eae39 100644 --- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java +++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java @@ -408,7 +408,7 @@ public class XmppConnection implements Runnable { } private TlsFactoryVerifier getTlsFactoryVerifier() throws NoSuchAlgorithmException, KeyManagementException, IOException { - final SSLContext sc = SSLContext.getInstance("TLS"); + final SSLContext sc = SSLSocketHelper.getSSLContext(); MemorizingTrustManager trustManager = this.mXmppConnectionService.getMemorizingTrustManager(); KeyManager[] keyManager; if (account.getPrivateKeyAlias() != null && account.getPassword().isEmpty()) { |