Skip to content

Commit 3a523b8

Browse files
author
kiber.io
committed
Support X509ExtendedTrustManager for sdk >= 24
1 parent 861c5fa commit 3a523b8

File tree

1 file changed

+55
-4
lines changed

1 file changed

+55
-4
lines changed

app/src/main/java/just/trust/me/Main.java

Lines changed: 55 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,12 @@
11
package just.trust.me;
22

3+
import android.annotation.TargetApi;
34
import android.content.Context;
45
import android.net.http.SslError;
56
import android.net.http.X509TrustManagerExtensions;
7+
import android.os.Build;
68
import android.util.Log;
9+
import android.util.Pair;
710
import android.webkit.SslErrorHandler;
811
import android.webkit.WebView;
912

@@ -35,9 +38,11 @@
3538
import javax.net.ssl.HostnameVerifier;
3639
import javax.net.ssl.KeyManager;
3740
import javax.net.ssl.SSLContext;
41+
import javax.net.ssl.SSLEngine;
3842
import javax.net.ssl.SSLParameters;
3943
import javax.net.ssl.SSLSession;
4044
import javax.net.ssl.TrustManager;
45+
import javax.net.ssl.X509ExtendedTrustManager;
4146
import javax.net.ssl.X509TrustManager;
4247

4348
import de.robv.android.xposed.IXposedHookLoadPackage;
@@ -138,7 +143,7 @@ protected void afterHookedMethod(MethodHookParam param) throws Throwable {
138143
keymanagers = (KeyManager[]) callStaticMethod(SSLSocketFactory.class, "createKeyManagers", keystore, keystorePassword);
139144
}
140145

141-
trustmanagers = new TrustManager[]{new ImSureItsLegitTrustManager()};
146+
trustmanagers = new TrustManager[]{getTrustManager()};
142147

143148
setObjectField(param.thisObject, "sslcontext", SSLContext.getInstance(algorithm));
144149
callMethod(getObjectField(param.thisObject, "sslcontext"), "init", keymanagers, trustmanagers, random);
@@ -183,7 +188,7 @@ protected void afterHookedMethod(MethodHookParam param) throws Throwable {
183188
return;
184189
}
185190

186-
param.setResult(new TrustManager[]{new ImSureItsLegitTrustManager()});
191+
param.setResult(new TrustManager[]{getTrustManager()});
187192
}
188193
});
189194

@@ -232,7 +237,7 @@ protected Object replaceHookedMethod(MethodHookParam param) throws Throwable {
232237
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
233238

234239
param.args[0] = null;
235-
param.args[1] = new TrustManager[]{new ImSureItsLegitTrustManager()};
240+
param.args[1] = new TrustManager[]{getTrustManager()};
236241
param.args[2] = null;
237242

238243
}
@@ -345,7 +350,7 @@ public boolean hasDefaultHTTPClient() {
345350
private javax.net.ssl.SSLSocketFactory getEmptySSLFactory() {
346351
try {
347352
SSLContext sslContext = SSLContext.getInstance("TLS");
348-
sslContext.init(null, new TrustManager[]{new ImSureItsLegitTrustManager()}, null);
353+
sslContext.init(null, new TrustManager[]{getTrustManager()}, null);
349354
return sslContext.getSocketFactory();
350355
} catch (NoSuchAlgorithmException | KeyManagementException e) {
351356
return null;
@@ -566,6 +571,44 @@ void processHttpClientAndroidLib(ClassLoader classLoader) {
566571
}
567572
}
568573

574+
@TargetApi(Build.VERSION_CODES.N)
575+
private class ImSureItsLegitExtendedTrustManager extends X509ExtendedTrustManager {
576+
@Override
577+
public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException {
578+
579+
}
580+
581+
@Override
582+
public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException {
583+
584+
}
585+
586+
@Override
587+
public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException {
588+
589+
}
590+
591+
@Override
592+
public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException {
593+
594+
}
595+
596+
@Override
597+
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
598+
599+
}
600+
601+
@Override
602+
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
603+
604+
}
605+
606+
@Override
607+
public X509Certificate[] getAcceptedIssuers() {
608+
return new X509Certificate[0];
609+
}
610+
}
611+
569612
private class ImSureItsLegitTrustManager implements X509TrustManager {
570613
@Override
571614
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
@@ -586,6 +629,14 @@ public X509Certificate[] getAcceptedIssuers() {
586629
}
587630
}
588631

632+
private X509TrustManager getTrustManager() {
633+
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
634+
return new ImSureItsLegitExtendedTrustManager();
635+
} else {
636+
return new ImSureItsLegitTrustManager();
637+
}
638+
}
639+
589640
private class ImSureItsLegitHostnameVerifier implements HostnameVerifier {
590641

591642
@Override

0 commit comments

Comments
 (0)