android - 改造:Android 应用程序在 API21+ 设备上启动时无法通过 SSL 握手

Question

我正在构建一个应用程序，它通过 HTTPS 获取一些 JSON 数据，将 Retrofit 与自定义 OkHttp 客户端结合使用。它在 KitKat 上运行良好。一旦我转移到 Android 5、6 或 7，SSL 握手失败。

服务器仅支持 TLSv1。它还使用一个古老的、过期的、自签名的证书。使用 Qualys 的 SSL 工具对其进行了测试，它告诉我所有版本的 Android 都应该能够连接。这是我得到的:

OkHttp客户端:

public class HTTPClient {

public static OkHttpClient getUnsafeOkHttpClient() {
    try {
        // Create a trust manager that does not validate certificate chains

        final TrustManager[] trustAllCerts = new TrustManager[] {
                new X509TrustManager() {
                    @Override
                    public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {
                    }

                    @Override
                    public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {
                    }

                    @Override
                    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                        return new java.security.cert.X509Certificate[]{};
                    }
                }
        };

        // Install the all-trusting trust manager
        final SSLContext sslContext = SSLContext.getInstance("TLSv1");
        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
        // Create a ssl socket factory with our all-trusting manager
        final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
        //URL url = new URL(ApiIntentService.getHostAddress());
        //final SSLSocketFactory sslSocketFactory = new NoSSLv3SocketFactory(url);

//            ConnectionSpec spec = new ConnectionSpec.Builder(ConnectionSpec.COMPATIBLE_TLS)
//                    .tlsVersions(TlsVersion.TLS_1_0)
//                    .cipherSuites(
//                            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
//                            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
//                            CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
//                            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
//                            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
//                            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
//                            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
//                            CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
//                            CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
//                            CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
//                    .build();

//            String hostname = "api.server.domain";
//            CertificatePinner certificatePinner = new CertificatePinner.Builder()
//                    .add(hostname, "sha256/3Iiwgs3a0qjPCnBQzW/GeHhPbZvhaJtxKvMJJVO5KdU=")
//                    .build();

        final OkHttpClient.Builder builder = new OkHttpClient.Builder();
//            builder.connectionSpecs(Collections.singletonList(spec));
//            builder.certificatePinner(certificatePinner);
            builder.sslSocketFactory(sslSocketFactory);
            builder.hostnameVerifier(new HostnameVerifier() {
                @Override
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            });
            builder.authenticator(new Authenticator() {
                @Override
                public Request authenticate(Route route, Response response) throws IOException {
                    String credential = Credentials.basic("user", "pass");
                    return response.request().newBuilder()
                            .header("Authorization", credential)
                            .build();
                }
            });
        OkHttpClient okHttpClient = builder.build();
        return okHttpClient;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}

我知道这段代码在安全性方面有多么糟糕。我的主管要求这样做，我告诉他这有多糟糕。

我已经尝试了 2 种方法来解决我的问题，它们在那段代码中被注释掉了 - 证书固定和请求 TLSv1 具体来说，以及密码列表。在其他问题中找到了这两个，但它们没有任何改变(堆栈跟踪完全相同)。

堆栈跟踪

以下是堆栈跟踪中有趣的部分:

I/RETROFIT: Data retrieval failed! javax.net.ssl.SSLHandshakeException: Handshake failed
*snip*
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb43eb200: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:770 0xac6fedd4:0x00000000)
                at       com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)

看起来 Android 似乎突然尝试使用 SSLv3，但 Wireshark 显示通过 TLSv1 进行通信。它应该以 Client Hello 开头，但服务器会立即以 Handshake Failure (40) 进行应答。

非常感谢所有帮助，因为我完全没有想法。如果需要，请要求澄清。

谢谢。

Answer 1

我的解决方案是添加更多 OkHttpClient 可接受的密码。自 API 21 起，Android 已弃用某些 TLS 证书。这可能会有所帮助:

ConnectionSpec spec = new 
ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
            .tlsVersions(TlsVersion.TLS_1_2)
            .cipherSuites(      
CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,                    
CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256)
            .build();

OkHttpClient client = new OkHttpClient.Builder()
        .connectionSpecs(Collections.singletonList(spec))
        .build();

更多信息请访问:https://github.com/square/okhttp/wiki/HTTPS