How to implement TLS V1.1 and V1.2 in my android studio application?

Question

I've already bought a SSL certificated in my hosting, but i don't know how to implement in my java code side (using Android Studio).

This is my TLSSocketFactory.java (I copied this class from another page and I put it in my java code)

import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class TLSSocketFactory extends SSLSocketFactory {

private SSLSocketFactory internalSSLSocketFactory;

public TLSSocketFactory() throws KeyManagementException, NoSuchAlgorithmException {
    SSLContext context = SSLContext.getInstance("TLS");
    context.init(null, null, null);
    internalSSLSocketFactory = context.getSocketFactory();
}

@Override
public String[] getDefaultCipherSuites() {
    return internalSSLSocketFactory.getDefaultCipherSuites();
}

@Override
public String[] getSupportedCipherSuites() {
    return internalSSLSocketFactory.getSupportedCipherSuites();
}

@Override
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
    return enableTLSOnSocket(internalSSLSocketFactory.createSocket(s, host, port, autoClose));
}

@Override
public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
    return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
}

@Override
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
    return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port, localHost, localPort));
}

@Override
public Socket createSocket(InetAddress host, int port) throws IOException {
    return enableTLSOnSocket(internalSSLSocketFactory.createSocket(host, port));
}

@Override
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
    return enableTLSOnSocket(internalSSLSocketFactory.createSocket(address, port, localAddress, localPort));
}

private Socket enableTLSOnSocket(Socket socket) {
    if(socket != null && (socket instanceof SSLSocket)) {
        ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});
    }
    return socket;
}
}

And this is my methods to use get and post:

GET method:

import org.json.JSONException;
import org.json.JSONObject;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.net.URL;
import java.nio.charset.Charset;

public class JSONParser {

public static JSONObject readJsonFromUrl(String url) throws IOException, JSONException {
    InputStream is = new URL(url).openStream();
    try  {
        BufferedReader rd = new BufferedReader(new InputStreamReader(is, Charset.forName("UTF-8")));
        String jsonText = readAll(rd);
        return new JSONObject(jsonText);
    } finally {
        is.close();
    }
}

private static String readAll(Reader rd) throws IOException {
    StringBuilder sb = new StringBuilder();
    int cp;
    while ((cp = rd.read()) != -1) {
        sb.append((char) cp);
    }
    return sb.toString();
}

}

POST method:

public String  performPostCall(String requestURL, HashMap<String, String> postDataParams) {

    URL url;

    StringBuffer response = new StringBuffer();
    try {
        url = new URL(requestURL);

        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        conn.setReadTimeout(15000);
        conn.setConnectTimeout(15000);
        conn.setRequestMethod("POST");
        conn.setDoInput(true);
        conn.setDoOutput(true);


        OutputStream os = conn.getOutputStream();
        BufferedWriter writer = new BufferedWriter(
                new OutputStreamWriter(os, "UTF-8"));
        writer.write(getPostDataString(postDataParams));

        writer.flush();
        writer.close();
        os.close();
        int responseCode=conn.getResponseCode();

        if (responseCode == HttpsURLConnection.HTTP_OK) {
            String line;
            BufferedReader br=new BufferedReader(new InputStreamReader(conn.getInputStream()));

            while ((line=br.readLine()) != null) {
                response.append(line);
            }
            br.close();
        }
        else {
            response.append("");
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return response.toString();
}
private String getPostDataString(HashMap<String, String> params) throws UnsupportedEncodingException {
    StringBuilder result = new StringBuilder();
    boolean first = true;
    for(Map.Entry<String, String> entry : params.entrySet()){
        if (first)
            first = false;
        else
            result.append("&");

        result.append(URLEncoder.encode(entry.getKey(), "UTF-8"));
        result.append("=");
        result.append(URLEncoder.encode(entry.getValue(), "UTF-8"));
    }

    return result.toString();
}

1. question N° 1: how can I mix my intance of TLSSocketFactory with my POST and GET request? Sorry for my noob question.

2. question N° 2: Have I make something in my web services? Or just getting my web services with the certificate is ok?

Thanks!

score 0 · Answer 1 · answered Apr 15 '16 at 12:30

0

If your URL starts with https:// the returned connection is an HttpsUrlConnection on which you can set the used socket factory before connecting to the server:

TLSSocketFactory myTlsSocketFactory = new TLSSocketFactory();
...
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setSSLSocketFactory(myTlsSocketFactory);

answered Apr 15 '16 at 12:30

Robert

39,162
17
99
152

Thanks Robert, this is working for my POST method, but for my get methods? – Federick Jons Apr 15 '16 at 12:39

score -2 · Answer 2 · edited May 23 '17 at 12:16

-2

You don't need a TLSSocketFactory, Android uses Apache Commons Http Client to manage that for you, see (Android - Sending HTTPS Get Request)

If you bought a certificate from a valid entity, that means the Certificate Chain is valid, to which you should not have any problems.

I recommend reading this

UPDATE I recommend using this library for HTTP Requests

edited May 23 '17 at 12:16

Community

1
1

answered Apr 15 '16 at 12:30

Driver

538
5
12

The Apache commons client in Anroid is deprecated. – Robert Apr 15 '16 at 12:31
I didn't know that, sorry :( – Driver Apr 15 '16 at 12:41
Updated the Answer – Driver Apr 15 '16 at 12:43
As far I have seen the linked library does not allow to set a custom SSLSocketFactory besides the unnecessary trust-all version. How would you use the posted TLSSocketFactory with it? – Robert Apr 15 '16 at 12:51
Try this: HttpsURLConnection.setDefaultSSLSocketFactory(socketFactory); – Driver Apr 15 '16 at 15:22

How to implement TLS V1.1 and V1.2 in my android studio application?

2 Answers2