Android Volley-动态绕过证书验证

问题描述 投票:0回答:1

在我的Android应用程序中,我正在使用Volley网络库。我必须在应用程序中为用户提供一个选项,以便如果启用该选项,则在建立网络连接时需要绕过证书验证。如果未启用,则禁用旁路验证编码部分,以便在服务器具有有效证书的情况下建立连接。

有人可以建议我如何动态地在这两个之间切换吗?

我已使用以下代码绕过验证。

/**
* By passing SSL
*/
@SuppressLint("TrulyRandom")
public static void handleSSLHandshake() {
    try {
        TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            @Override
            public void checkClientTrusted(X509Certificate[] certs, String authType) {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
            }
        }};

        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
            }
        });
    } catch (Exception ex ) {
        ex.printStackTrace();
    }
}

提前感谢。

android android-volley
1个回答
0
投票

我已经解决了如下所述的问题。

将默认ssl套接字工厂和默认主机名验证程序的最终对象定义为

// define the default variables for proper certificate validation
private static final SSLSocketFactory defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
private static final HostnameVerifier defaultSSLHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();

我已经定义了以下三种方法。

private void setDefaultSettingsForHttpsConnection(){
    HttpsURLConnection.setDefaultSSLSocketFactory(defaultSSLSocketFactory);
    HttpsURLConnection.setDefaultHostnameVerifier(defaultSSLHostnameVerifier);
}

/**
 * By passing SSL
 */
@SuppressLint("TrulyRandom")
private void bypassSSLValidation() {
    try {
        TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            @Override
            public void checkClientTrusted(X509Certificate[] certs, String authType) {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
            }
        }};

        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
            @Override
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
            }
        });
    } catch (NoSuchAlgorithmException | KeyManagementException ex ) {
        ex.printStackTrace();
    } catch(Exception ex){
        ex.printStackTrace();
    }
}

private void checkAndHandleSSLHandshake(Activity activity){
    if(SPUtils.getBoolean(activity, SPUtils.KEY_ALLOW_SELF_SIGNED_PREF)){
        bypassSSLValidation();
    }else{
        setDefaultSettingsForHttpsConnection();
    }
}

在将网络请求添加到队列之前,我正在调用checkAndHandleSSLHandshake(context),以便它将为每个请求动态更改设置。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.