1 /* SecureLoginSocketFactory.java
3 * This program is free software: you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation, either version 3 of the License, or
6 * (at your option) any later version.
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 package de.dhbwloe.campusapp.wifi;
18 import android.util.Log;
20 import java.io.IOException;
21 import java.net.InetAddress;
22 import java.net.Socket;
23 import java.net.UnknownHostException;
24 import java.security.KeyManagementException;
25 import java.security.NoSuchAlgorithmException;
26 import java.security.SecureRandom;
27 import java.security.cert.CertificateException;
28 import java.security.cert.X509Certificate;
30 import javax.net.ssl.SSLContext;
31 import javax.net.ssl.SSLSocket;
32 import javax.net.ssl.SSLSocketFactory;
33 import javax.net.ssl.TrustManager;
35 public class SecureLoginSocketFactory extends SSLSocketFactory {
// Protocol versions passed to SSLSocket.setEnabledProtocols in enableTLSOnSocket.
// NOTE(review): "TLSv1" and "TLSv1.1" are deprecated (RFC 8996). They are kept
// unchanged here because this file does not show what the login server supports;
// confirm that the server negotiates TLSv1.2, then drop the two older entries.
// NOTE(review): an explicit list also caps the connection at TLSv1.2 on platforms
// that would otherwise offer a newer version by default. A name the platform does
// not support makes setEnabledProtocols throw, so extend the list only after
// checking SSLSocket.getSupportedProtocols().
private static final String[] ENABLED_PROTOCOLS = {
    "TLSv1",
    "TLSv1.1",
    "TLSv1.2",
};
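// Cipher suites passed to SSLSocket.setEnabledCipherSuites in enableTLSOnSocket;
// the relative order of the remaining entries is unchanged.
//
// Removed from the original list because they must not be offered for a login
// connection:
//   TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
//   SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5  - RC4 is prohibited in TLS (RFC 7465)
//   SSL_RSA_WITH_3DES_EDE_CBC_SHA                       - 64-bit block cipher
// Dropping names cannot make setEnabledCipherSuites fail; it only narrows what
// the client offers.
//
// NOTE(review): every remaining suite is AES-CBC with a SHA-1 MAC and no AEAD
// (GCM) suite is offered. setEnabledCipherSuites throws IllegalArgumentException
// for a name the platform does not support, so intersect with
// SSLSocket.getSupportedCipherSuites() before adding newer suites.
// NOTE(review): the TLS_RSA_* entries have no forward secrecy; remove them once
// the server is known to accept an ECDHE/DHE suite.
private static final String[] ENABLED_CIPHERS = {
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_256_CBC_SHA",
};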
// Factory that actually creates the sockets; every createSocket overload delegates to it.
private SSLSocketFactory socketFactory;
// Context supplied by the caller and stored by the constructor.
// NOTE(review): public and non-final, so any code holding this factory can replace
// it. It is not read in the part of the class shown here; prefer private final
// with a getter if nothing outside depends on direct field access.
public SSLContext context;
/**
 * Wraps an existing SSLSocketFactory so that sockets it creates are passed
 * through enableTLSOnSocket before being returned.
 *
 * @param context               SSL context kept in the public {@code context} field
 * @param innerSslSocketFactory factory every createSocket overload delegates to;
 *                              not null-checked here, so a null value only surfaces
 *                              on the first delegated call
 */
public SecureLoginSocketFactory(SSLContext context, SSLSocketFactory innerSslSocketFactory) {
    this.socketFactory = innerSslSocketFactory;
    this.context = context;
}
/**
 * Reports the default cipher suites of the wrapped factory.
 *
 * <p>This is the inner factory's answer, not ENABLED_CIPHERS: the suites actually
 * enabled on a socket are set separately in enableTLSOnSocket, so the two can differ.
 *
 * @return the array returned by the wrapped factory
 */
@Override
public String[] getDefaultCipherSuites() {
    final String[] innerDefaults = socketFactory.getDefaultCipherSuites();
    return innerDefaults;
}
/**
 * Reports the cipher suites the wrapped factory supports.
 *
 * @return the array returned by the wrapped factory, unmodified
 */
@Override
public String[] getSupportedCipherSuites() {
    final String[] innerSupported = socketFactory.getSupportedCipherSuites();
    return innerSupported;
}
/**
 * Layers a socket over an existing connected socket via the wrapped factory,
 * then passes the result through enableTLSOnSocket.
 *
 * @param s         existing socket to layer over
 * @param host      server host
 * @param port      server port
 * @param autoClose forwarded unchanged to the wrapped factory
 * @return the socket returned by enableTLSOnSocket
 * @throws IOException if the wrapped factory fails to create the socket
 */
@Override
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
    final Socket layered = socketFactory.createSocket(s, host, port, autoClose);
    return enableTLSOnSocket(layered);
}
/**
 * Creates a socket to {@code host:port} via the wrapped factory, then passes it
 * through enableTLSOnSocket.
 *
 * <p>NOTE(review): an SSLSocket does not check the peer's hostname on its own, and
 * nothing in this method does either; that check is left to whoever uses the socket.
 *
 * @param host server host
 * @param port server port
 * @return the socket returned by enableTLSOnSocket
 * @throws IOException          if the wrapped factory fails to create the socket
 * @throws UnknownHostException if the host cannot be resolved
 */
@Override
public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
    final Socket created = socketFactory.createSocket(host, port);
    return enableTLSOnSocket(created);
}
/**
 * Creates a socket to {@code host:port} bound to the given local address and port
 * via the wrapped factory, then passes it through enableTLSOnSocket.
 *
 * @param host      server host
 * @param port      server port
 * @param localHost local address to bind to
 * @param localPort local port to bind to
 * @return the socket returned by enableTLSOnSocket
 * @throws IOException          if the wrapped factory fails to create the socket
 * @throws UnknownHostException if the host cannot be resolved
 */
@Override
public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
    final Socket created = socketFactory.createSocket(host, port, localHost, localPort);
    return enableTLSOnSocket(created);
}
/**
 * Creates a socket to the given address and port via the wrapped factory, then
 * passes it through enableTLSOnSocket.
 *
 * @param host server address
 * @param port server port
 * @return the socket returned by enableTLSOnSocket
 * @throws IOException if the wrapped factory fails to create the socket
 */
@Override
public Socket createSocket(InetAddress host, int port) throws IOException {
    final Socket created = socketFactory.createSocket(host, port);
    return enableTLSOnSocket(created);
}
/**
 * Creates a socket to the given address and port, bound to the given local
 * address and port, via the wrapped factory, then passes it through
 * enableTLSOnSocket.
 *
 * @param address      server address
 * @param port         server port
 * @param localAddress local address to bind to
 * @param localPort    local port to bind to
 * @return the socket returned by enableTLSOnSocket
 * @throws IOException if the wrapped factory fails to create the socket
 */
@Override
public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
    final Socket created = socketFactory.createSocket(address, port, localAddress, localPort);
    return enableTLSOnSocket(created);
}
100 private Socket enableTLSOnSocket(Socket socket) {
101 if(socket != null && (socket instanceof SSLSocket)) {
102 SSLSocket sslSocket = ((SSLSocket) socket);
104 sslSocket.setEnabledCipherSuites(ENABLED_CIPHERS);
105 sslSocket.setEnabledProtocols(ENABLED_PROTOCOLS);