Kotlin绕过SSL验证
2019-01-03 本文已影响0人
爱学习的蹭蹭
package com.flong.kotlin.utils.security
import java.security.cert.CertificateException
import java.security.cert.X509Certificate
import javax.net.ssl.*
import javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier
import javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory
object SSLContextSecurity {
/**
* 绕过验证
* @return
*/
fun createIgnoreVerifySSL(sslVersion: String): SSLSocketFactory {
var sc = SSLContext.getInstance(sslVersion);
val trustAllCerts: Array<TrustManager> = arrayOf(object : X509TrustManager {
@Throws(CertificateException::class)
override fun checkClientTrusted(
chain: Array<java.security.cert.X509Certificate>, authType: String) {
}
@Throws(CertificateException::class)
override fun checkServerTrusted(chain: Array<java.security.cert.X509Certificate>, authType: String) {
}
override fun getAcceptedIssuers(): Array<X509Certificate?> {
return arrayOfNulls(0)
}
})
sc!!.init(null, trustAllCerts, java.security.SecureRandom())
// Create all-trusting host name verifier
val allHostsValid = HostnameVerifier { _, _ -> true }
/***
* 如果 hostname in certificate didn't match的话就给一个默认的主机验证
*/
setDefaultSSLSocketFactory(sc.getSocketFactory());
setDefaultHostnameVerifier(allHostsValid);
return sc.socketFactory;
}
}
