如何解决X509TrustManager的此实现有什么问题?
我必须访问PlayStore中的应用,两者的实现方式相同 x509trustmanager的版本,但一直被标记为具有“不安全的实现” ',但是代码是相同的...对于如何改进它,我将不胜感激,这不是我最擅长的领域。谢谢
代码:
public void createTrustManager() {
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] {new x509trustmanager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain,String authType) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain,String authType) {
try {
try {
chain[0].checkValidity();
} catch (java.security.cert.CertificateExpiredException e) {
e.printstacktrace();
} catch (java.security.cert.CertificateNotYetValidException e) {
e.printstacktrace();
}
} catch (IllegalArgumentException e) {
try {
throw new IllegalArgumentException("CertificateNotYetValidException");
} catch (IllegalArgumentException ex) {
ex.printstacktrace();
}
}
}
public java.security.cert.X509Certificate[] getAcceptedissuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs,String authType) {
}
public void checkServerTrusted(X509Certificate[] certs,String authType) {
}
}
};
// Install the all-trusting trust manager
SSLContext sc = null;
try {
sc = SSLContext.getInstance("SSL");
} catch (NoSuchAlgorithmException e) {
e.printstacktrace();
}
try {
assert sc != null;
sc.init(null,trustAllCerts,new java.security.SecureRandom());
} catch (KeyManagementException e) {
e.printstacktrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusting host name verifier
// Install the all-trusting host verifier
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname,SSLSession arg1) {
return hostname.equalsIgnoreCase(RestFUL_URLS.DOMAIN) || hostname.equalsIgnoreCase(RestFUL_URLS.DOMAIN) || hostname.equalsIgnoreCase("reports.crashlytics.com") || hostname.equalsIgnoreCase("api.crashlytics.com") || hostname.equalsIgnoreCase("api.pushy.me") || hostname.equalsIgnoreCase("mqtt.pushy.me") || hostname.equalsIgnoreCase("play.google.com" );
}
});
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。