Created
October 17, 2018 14:38
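/**
 * Restricts an OkHttp client to the certificates stored in a BKS keystore
 * bundled as a raw resource.
 *
 * <p>The keystore is loaded into a {@link TrustManagerFactory}, and the resulting
 * trust manager and socket factory are installed on the builder, so only chains
 * that validate against the bundled keystore are accepted. This replaces the
 * trust store; it does not use OkHttp's hash-based {@code CertificatePinner}.
 *
 * <p>Every setup step fails closed: if the keystore, trust manager factory or
 * SSL context cannot be built, an {@link IllegalStateException} is reported and
 * thrown instead of returning a half-configured builder.
 */
public final class RawCertificatePinner implements OkHttpCertificatePinner {

    private static final String CERTIFICATE_TYPE = "BKS";
    // Protocol name requested from SSLContext. NOTE(review): which protocol versions
    // end up enabled on sockets is decided by the provider; confirm on the lowest
    // API level the app supports.
    private static final String DEFAULT_TLS_VERSION = "TLSv1.2";

    private final Context context;
    @RawRes
    private final int certificate;
    // NOTE(review): presumably shipped inside the app, in which case it only guards
    // the integrity of the bundled keystore and is not a secret; confirm with caller.
    private final String certificatePassword;

    /**
     * @param context             any context; only its application context is retained
     * @param certificate         raw resource id of the BKS keystore
     * @param certificatePassword password used to load the keystore
     */
    @Inject
    public RawCertificatePinner(@NonNull Context context,
                                @RawRes int certificate,
                                @NonNull String certificatePassword) {
        this.context = context.getApplicationContext();
        this.certificate = certificate;
        this.certificatePassword = certificatePassword;
    }

    /**
     * Installs a socket factory and trust manager backed by the bundled keystore.
     *
     * @param okhttpBuilder builder to configure
     * @return the same builder, for chaining
     * @throws IllegalStateException if any part of the trust setup cannot be built
     */
    @Override
    public OkHttpClient.Builder pinCertificate(OkHttpClient.Builder okhttpBuilder) {
        final KeyStore trustedCertificate = getTrustedCertificate();
        final TrustManagerFactory trustManagerFactory = getTrustManagerFactory(trustedCertificate);
        final SSLContext sslContext = getSSLContext(trustManagerFactory);
        final X509TrustManager trustManager = getX509TrustManager(trustManagerFactory);
        okhttpBuilder.sslSocketFactory(sslContext.getSocketFactory(), trustManager);
        return okhttpBuilder;
    }

    /**
     * Loads the bundled keystore.
     *
     * <p>Never returns {@code null}: a {@code null} keystore handed to
     * {@link TrustManagerFactory#init(KeyStore)} selects the platform's default
     * trust anchors, which would silently turn pinning off.
     */
    private KeyStore getTrustedCertificate() {
        InputStream in = null;
        try {
            final KeyStore trusted = KeyStore.getInstance(CERTIFICATE_TYPE);
            in = context.getResources().openRawResource(certificate);
            trusted.load(in, certificatePassword.toCharArray());
            return trusted;
        } catch (KeyStoreException e) {
            throw pinningFailure("Keystore type unavailable: " + CERTIFICATE_TYPE, e);
        } catch (CertificateException e) {
            throw pinningFailure("Pinned keystore contains an unreadable certificate", e);
        } catch (NoSuchAlgorithmException e) {
            throw pinningFailure("Pinned keystore integrity algorithm unavailable", e);
        } catch (IOException e) {
            // Also raised for a wrong password or a corrupted keystore file.
            throw pinningFailure("Pinned keystore could not be read", e);
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException e) {
                    // The keystore is already loaded (or a failure is already propagating);
                    // a close error is reported but must not mask either outcome.
                    ThrowableReporter.report(
                            new IllegalStateException("Failed to close pinned keystore stream", e));
                }
            }
        }
    }

    /** Builds a trust manager factory that trusts only the given keystore. */
    private TrustManagerFactory getTrustManagerFactory(KeyStore trustedCertificate) {
        try {
            final TrustManagerFactory trustManagerFactory =
                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustedCertificate);
            return trustManagerFactory;
        } catch (NoSuchAlgorithmException e) {
            throw pinningFailure("Default trust manager algorithm unavailable", e);
        } catch (KeyStoreException e) {
            throw pinningFailure("Trust manager could not be initialised from pinned keystore", e);
        }
    }

    /** Creates an SSL context whose trust decisions come from the given factory. */
    private SSLContext getSSLContext(TrustManagerFactory trustManagerFactory) {
        try {
            final SSLContext sslContext = SSLContext.getInstance(DEFAULT_TLS_VERSION);
            // No client key managers and the provider's default SecureRandom.
            sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
            return sslContext;
        } catch (NoSuchAlgorithmException e) {
            throw pinningFailure("TLS protocol unavailable: " + DEFAULT_TLS_VERSION, e);
        } catch (KeyManagementException e) {
            throw pinningFailure("SSL context could not be initialised", e);
        }
    }

    /**
     * Extracts the single {@link X509TrustManager} from the factory.
     *
     * @throws IllegalStateException if the factory does not expose exactly one
     *                               X509 trust manager
     */
    private X509TrustManager getX509TrustManager(TrustManagerFactory trustManagerFactory) {
        final TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers == null
                || trustManagers.length != 1
                || !(trustManagers[0] instanceof X509TrustManager)) {
            final IllegalStateException e =
                    new IllegalStateException("Wrong trust manager: " + Arrays.toString(trustManagers));
            ThrowableReporter.report(e);
            throw e;
        }
        return (X509TrustManager) trustManagers[0];
    }

    /** Wraps a setup failure, reports it, and returns it for the caller to throw. */
    private static IllegalStateException pinningFailure(String message, Exception cause) {
        final IllegalStateException e = new IllegalStateException(message, cause);
        ThrowableReporter.report(e);
        return e;
    }
}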
Remove it. It is just an interface that I wrote.
Please, can you tell me where the OkHttpCertificatePinner interface is?
It's not available in the OkHttp library.