use TLSv1.2 as SSL context on supported plattforms

2016-02-03 18:17:16 +01:00 · 2016-02-03 18:17:16 +01:00 · 7dd9545ea3
parent 1d572c61d0
commit 7dd9545ea3
3 changed files with 14 additions and 2 deletions
--- a/src/main/java/eu/siacs/conversations/http/HttpConnectionManager.java
+++ b/src/main/java/eu/siacs/conversations/http/HttpConnectionManager.java
@ -23,6 +23,7 @@ import eu.siacs.conversations.entities.Message;
 import eu.siacs.conversations.services.AbstractConnectionManager;
 import eu.siacs.conversations.services.XmppConnectionService;
 import eu.siacs.conversations.utils.CryptoHelper;
+import eu.siacs.conversations.utils.SSLSocketHelper;

 public class HttpConnectionManager extends AbstractConnectionManager {

@ -76,7 +77,7 @@ public class HttpConnectionManager extends AbstractConnectionManager {
 							new StrictHostnameVerifier());
 		}
 		try {
-			final SSLContext sc = SSLContext.getInstance("TLS");
+			final SSLContext sc = SSLSocketHelper.getSSLContext();
 			sc.init(null, new X509TrustManager[]{trustManager},
 					mXmppConnectionService.getRNG());

--- a/src/main/java/eu/siacs/conversations/utils/SSLSocketHelper.java
+++ b/src/main/java/eu/siacs/conversations/utils/SSLSocketHelper.java
@ -1,11 +1,14 @@
 package eu.siacs.conversations.utils;

+import android.os.Build;
+
 import java.lang.reflect.Method;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.LinkedList;

+import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocket;
 import javax.net.ssl.SSLSocketFactory;

@ -59,4 +62,12 @@ public class SSLSocketHelper {
 			// ignore any error, we just can't set the alpn protocol...
 		}
 	}
+
+	public static SSLContext getSSLContext() throws NoSuchAlgorithmException {
+		if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) {
+			return SSLContext.getInstance("TLSv1.2");
+		} else {
+			return SSLContext.getInstance("TLS");
+		}
+	}
 }
--- a/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
+++ b/src/main/java/eu/siacs/conversations/xmpp/XmppConnection.java
@ -408,7 +408,7 @@ public class XmppConnection implements Runnable {
 	}

 	private TlsFactoryVerifier getTlsFactoryVerifier() throws NoSuchAlgorithmException, KeyManagementException, IOException {
-		final SSLContext sc = SSLContext.getInstance("TLS");
+		final SSLContext sc = SSLSocketHelper.getSSLContext();
 		MemorizingTrustManager trustManager = this.mXmppConnectionService.getMemorizingTrustManager();
 		KeyManager[] keyManager;
 		if (account.getPrivateKeyAlias() != null && account.getPassword().isEmpty()) {