
How to resolve Cryptography Changes in Android P?

First of all, I am new to these encryption operations and I don't know whether my question is proper to ask or not. Any solution is appreciated.

In my project I use this code to create SSLSocketFactory for services:

public static SSLSocketFactory getGlobalSSlFactory() {
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
        InputStream caInput = context.getResources().openRawResource(xxxxxxx);

        Certificate ca = cf.generateCertificate(caInput);
        caInput.close();

        KeyStore keyStore = KeyStore.getInstance("BKS");
        keyStore.load(null, null);

        keyStore.setCertificateEntry("ca", ca);

        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        tmf.init(keyStore);

        KeyManagerFactory kmf = KeyManagerFactory.getInstance(
                KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, "xxxxxxx".toCharArray());

        final SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, tmf.getTrustManagers(), null);
        return sslContext.getSocketFactory();
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
}

The error I get when testing on a device with Android (Pie):

[image: error]

Google says: https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html

Important part:

"To resolve this, you should stop specifying a provider and use the default implementation."

How should I change my code?

** more explanations **

I did what @sonhvp said, but after testing that, this error comes up:

[image: error in log]

And the error comes at this line:

 Certificate ca = cf.generateCertificate(caInput);

This is my Android version:

[image: my android version]

iDeveloper asked Jun 16 '19 04:06


1 Answer

As the document said, "From Android N, we don’t recommend specifying the provider". So just remove all providers from your crypto code.
In your method:

CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");

remove the provider ("BC"):

CertificateFactory cf = CertificateFactory.getInstance("X.509");

The other methods are fine, because they don't specify a provider:

KeyStore.getInstance("BKS"); //no provider
TrustManagerFactory.getInstance(tmfAlgorithm); //no provider
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); //no provider
SSLContext.getInstance("TLS"); //no provider

Something is wrong with the cert file in your raw folder. I created a cert file and ran it with your code without any issue. Just change to CertificateFactory.getInstance("X.509"). Try with my cert file:

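import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

import android.content.Context;
// AndroidX import assumed; pre-AndroidX projects use android.support.v7.app.AppCompatActivity.
import androidx.appcompat.app.AppCompatActivity;

public class Test {

    public Test(AppCompatActivity activity) {
        context = activity;
    }

    private Context context;

    public SSLSocketFactory getGlobalSSlFactory() {
        try {
            // No provider argument: the platform's default implementation is used.
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            InputStream caInput = context.getResources().openRawResource(R.raw.test);

            Certificate ca = cf.generateCertificate(caInput);
            caInput.close();

            // Empty in-memory keystore that holds only the CA certificate.
            KeyStore keyStore = KeyStore.getInstance("BKS");
            keyStore.load(null, null);

            keyStore.setCertificateEntry("ca", ca);

            String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
            tmf.init(keyStore);

            // Kept from the question's code; it is not passed to sslContext.init below.
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(
                    KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(keyStore, "xxxxxxx".toCharArray());

            final SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, tmf.getTrustManagers(), null);
            return sslContext.getSocketFactory();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

}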

My Activity

class MainActivity : AppCompatActivity() {

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_main)

        val test = Test(this)
        test.globalSSlFactory.createSocket()
    }

}
Son Huynh answered Sep 30 '22 19:09
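
A provider-free variant of the factory discussed above, as an added example that is not part of the original question or answer: it reads the CA with the default CertificateFactory, reports an unparsable certificate file explicitly (the failure the question's second error hit at generateCertificate), and throws instead of returning null. The class name PinnedCaSocketFactory, the method fromCa, the validity check and the use of KeyStore.getDefaultType() are assumptions of this example.

```java
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

public final class PinnedCaSocketFactory { // hypothetical name, not from the page

    private PinnedCaSocketFactory() {}

    /** Builds a factory that trusts only the CA read from caInput (PEM or DER X.509). */
    public static SSLSocketFactory fromCa(InputStream caInput)
            throws GeneralSecurityException, IOException {
        Certificate ca;
        try (InputStream in = caInput) { // closed even when parsing fails
            // No provider argument: the platform default implementation is used.
            ca = CertificateFactory.getInstance("X.509").generateCertificate(in);
        } catch (CertificateException e) {
            // Parsing failed: the resource is not a valid PEM/DER X.509 certificate.
            throw new CertificateException("CA resource is not a parsable X.509 certificate", e);
        }
        // Fail early on an expired or not-yet-valid CA instead of at handshake time.
        ((X509Certificate) ca).checkValidity();

        // Default keystore type (this example's choice) instead of a hard-coded one.
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null); // empty in-memory store
        trustStore.setCertificateEntry("ca", ca);

        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        // No client certificate is presented, so no KeyManagerFactory is needed.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, tmf.getTrustManagers(), null);
        return sslContext.getSocketFactory();
    }
}
```

On Android it would be called with the raw resource stream from the answer, for example `PinnedCaSocketFactory.fromCa(context.getResources().openRawResource(R.raw.test))`.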