Android Volley - 动态绕过证书验证
Android Volley - Bypass the certificate validation dynamically
在我的 Android 应用程序中,我使用的是 Volley 网络库。我必须在应用程序中为用户提供一个选项,以便如果启用它,我需要在建立网络连接时绕过证书验证。如果未启用,我已禁用绕过验证编码部分,以便在服务器具有有效证书时建立连接。
有人可以建议我如何在这两者之间动态切换吗?
我使用了下面的代码来绕过验证。
/**
* By passing SSL
*/
@SuppressLint("TrulyRandom")
public static void handleSSLHandshake() {
try {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
} catch (Exception ex ) {
ex.printStackTrace();
}
}
提前致谢。
我已经解决了下面提到的这个问题。
将默认 ssl 套接字工厂和默认主机名验证器的最终对象定义为
// define the default variables for proper certificate validation
private static final SSLSocketFactory defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
private static final HostnameVerifier defaultSSLHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
我已经定义了以下 3 个方法。
private void setDefaultSettingsForHttpsConnection(){
HttpsURLConnection.setDefaultSSLSocketFactory(defaultSSLSocketFactory);
HttpsURLConnection.setDefaultHostnameVerifier(defaultSSLHostnameVerifier);
}
/**
* By passing SSL
*/
@SuppressLint("TrulyRandom")
private void bypassSSLValidation() {
try {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
} catch (NoSuchAlgorithmException | KeyManagementException ex ) {
ex.printStackTrace();
} catch(Exception ex){
ex.printStackTrace();
}
}
private void checkAndHandleSSLHandshake(Activity activity){
if(SPUtils.getBoolean(activity, SPUtils.KEY_ALLOW_SELF_SIGNED_PREF)){
bypassSSLValidation();
}else{
setDefaultSettingsForHttpsConnection();
}
}
在将网络请求添加到队列之前,我调用了 checkAndHandleSSLHandshake(context) 以便它会为每个请求动态更改设置。
在我的 Android 应用程序中,我使用的是 Volley 网络库。我必须在应用程序中为用户提供一个选项,以便如果启用它,我需要在建立网络连接时绕过证书验证。如果未启用,我已禁用绕过验证编码部分,以便在服务器具有有效证书时建立连接。
有人可以建议我如何在这两者之间动态切换吗?
我使用了下面的代码来绕过验证。
/**
* By passing SSL
*/
@SuppressLint("TrulyRandom")
public static void handleSSLHandshake() {
try {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
} catch (Exception ex ) {
ex.printStackTrace();
}
}
提前致谢。
我已经解决了下面提到的这个问题。
将默认 ssl 套接字工厂和默认主机名验证器的最终对象定义为
// define the default variables for proper certificate validation
private static final SSLSocketFactory defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
private static final HostnameVerifier defaultSSLHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
我已经定义了以下 3 个方法。
private void setDefaultSettingsForHttpsConnection(){
HttpsURLConnection.setDefaultSSLSocketFactory(defaultSSLSocketFactory);
HttpsURLConnection.setDefaultHostnameVerifier(defaultSSLHostnameVerifier);
}
/**
* By passing SSL
*/
@SuppressLint("TrulyRandom")
private void bypassSSLValidation() {
try {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
} catch (NoSuchAlgorithmException | KeyManagementException ex ) {
ex.printStackTrace();
} catch(Exception ex){
ex.printStackTrace();
}
}
private void checkAndHandleSSLHandshake(Activity activity){
if(SPUtils.getBoolean(activity, SPUtils.KEY_ALLOW_SELF_SIGNED_PREF)){
bypassSSLValidation();
}else{
setDefaultSettingsForHttpsConnection();
}
}
在将网络请求添加到队列之前,我调用了 checkAndHandleSSLHandshake(context) 以便它会为每个请求动态更改设置。