Last active
June 25, 2022 21:47
-
-
Save ByteHamster/f488f9993eeb6679c2b5f0180615d518 to your computer and use it in GitHub Desktop.
ConscryptProviderInstaller Proof-Of-Concept
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * This class would be distributed as a small library to be included in apps. | |
| * The library does NOT need the (large) Conscrypt dependency. | |
| */ | |
| package de.danoeh.antennapod.core; | |
| import android.content.Context; | |
| import android.content.pm.PackageManager; | |
| import java.lang.reflect.InvocationTargetException; | |
| import java.lang.reflect.Method; | |
| public class ConscryptProviderInstaller { | |
| private static boolean installed = false; | |
| public static void installIfNeeded(Context context) { | |
| if (installed) { | |
| return; | |
| } | |
| try { | |
| Context targetContext = context.createPackageContext("com.bytehamster.providerinstaller", | |
| Context.CONTEXT_INCLUDE_CODE | Context.CONTEXT_IGNORE_SECURITY); | |
| ClassLoader classLoader = targetContext.getClassLoader(); | |
| Class installClass = classLoader.loadClass("com.bytehamster.providerinstaller.ProviderInstallerImpl"); | |
| Method installMethod = installClass.getMethod("install", new Class[]{ }); | |
| installMethod.invoke(null); | |
| installed = true; | |
| } catch (PackageManager.NameNotFoundException | ClassNotFoundException | |
| | NoSuchMethodException | IllegalAccessException | InvocationTargetException e) { | |
| e.printStackTrace(); | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * This class is located in another apk that needs to be installed separately. | |
| * Its code and Conscrypt library can be shared with other apps. | |
| * This apk (com.bytehamster.providerinstaller) needs the (large) Conscrypt dependency. | |
| */ | |
| package com.bytehamster.providerinstaller; | |
| import android.util.Log; | |
| import org.conscrypt.Conscrypt; | |
| import java.security.Security; | |
| public class ProviderInstallerImpl { | |
| private static final String TAG = "ProviderInstallerImpl"; | |
| public static void install() { | |
| Log.d(TAG, "Installing provider..."); | |
| Security.insertProviderAt(Conscrypt.newProvider(), 1); | |
| Log.d(TAG, "Provider installed successfully."); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi all thanks for your efforts on the gist and discussions around it and the blog post. FWIW I decided to take the an easy approach for myself, which is creating a Conscrypt Provider, I'm going to be using it from another app of mine because I wanted to provide TLS 1.3 capabilities to old Android devices.
In theory anyone could call from their own app. I've included instructions on including it from another app including how to check for my signature or F-Droid's signature.
I've also submitted an app inclusion request on F-Droid.