Как отключить SSLv3 в Jsoup android? (Javax.net.ssl.SSLHandshakeException)

Я получил эту ошибку при попытке подключиться к сайту prozis.com через Jsoup в Android 4.2.2, но не удалось, потому что сайт принимает только TLS 1.2. Я немного почитал и обнаружил, что проблема в том, что протокол SSLv3 не включен по умолчанию в этой версии Android. Но так как я использую Jsoup, я не могу расширить основной класс и использовать собственный класс SSLSocketFactory. Есть ли другой способ отключить SSLv3 или заставить TLS1.x в Android 4?

String url;
@Override
protected Document doInBackground(String... params) {
    this.url = params[0];
    Document resultDocument = null;
    try {
        resultDocument = Jsoup
                .connect(url)
                .validateTLSCertificates(false)
                .userAgent(userAgent)
                .timeout(NET_TIMEOUT)
                .maxBodySize(0) //sem limite de tamanho do doc recebido
                .get();

    } catch (IOException e) {
        e.printStackTrace();
    }
    return resultDocument;


09-29 01:45:51.662 3447-3471 W/System.err: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb835f708: Failure in SSL library, usually a protocol error
09-29 01:45:51.662 3447-3471 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.662 3447-3471 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:420)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:442)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:81)
09-29 01:45:51.674 3447-3471 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:165)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:652)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:629)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:261)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.jsoup.helper.HttpConnection.get(HttpConnection.java:250)
09-29 01:45:51.674 3447-3471 W/System.err:     at com.cruz.sergio.myproteinpricechecker.VoucherFragment$GetPRZVouchersAsync.doInBackground(VoucherFragment.java:195)
09-29 01:45:51.674 3447-3471 W/System.err:     at com.cruz.sergio.myproteinpricechecker.VoucherFragment$GetPRZVouchersAsync.doInBackground(VoucherFragment.java:186)
09-29 01:45:51.674 3447-3471 W/System.err:     at android.os.AsyncTask$2.call(AsyncTask.java:287)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.util.concurrent.FutureTask.run(FutureTask.java:234)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1080)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:573)
09-29 01:45:51.674 3447-3471 W/System.err:     at java.lang.Thread.run(Thread.java:856)
09-29 01:45:51.674 3447-3471 W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb835f708: Failure in SSL library, usually a protocol error
09-29 01:45:51.674 3447-3471 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
09-29 01:45:51.674 3447-3471 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:378)
09-29 01:45:51.674 3447-3471 W/System.err:  ... 18 more
09-29 01:45:51.682 3447-3465 W/System.err: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb836c108: Failure in SSL library, usually a protocol error
09-29 01:45:51.682 3447-3465 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:420)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:442)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:81)
09-29 01:45:51.682 3447-3465 W/System.err:     at libcore.net.http.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:165)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:652)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:629)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:261)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.jsoup.helper.HttpConnection.get(HttpConnection.java:250)
09-29 01:45:51.682 3447-3465 W/System.err:     at com.cruz.sergio.myproteinpricechecker.NewsFragment$GetPRZNewsAsync.doInBackground(NewsFragment.java:346)
09-29 01:45:51.682 3447-3465 W/System.err:     at com.cruz.sergio.myproteinpricechecker.NewsFragment$GetPRZNewsAsync.doInBackground(NewsFragment.java:328)
09-29 01:45:51.682 3447-3465 W/System.err:     at android.os.AsyncTask$2.call(AsyncTask.java:287)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.util.concurrent.FutureTask.run(FutureTask.java:234)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1080)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:573)
09-29 01:45:51.682 3447-3465 W/System.err:     at java.lang.Thread.run(Thread.java:856)
09-29 01:45:51.682 3447-3465 W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb836c108: Failure in SSL library, usually a protocol error
09-29 01:45:51.682 3447-3465 W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x9db03901:0x00000000)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSL_do_handshake(Native Method)
09-29 01:45:51.682 3447-3465 W/System.err:     at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:378)

09-29 01: 45: 51.682 3447-3465 W / System.err:... еще 18

Источник

2 ответа

Решение

Выяснили, как это сделать, используя библиотеку NetCipher. Ответ на другой вопрос, на который ответил Ханс-Кристоф Штайнер: /questions/36913410/kak-otklyuchit-sslv3-v-android-dlya-httpsurlconnection/36913434#36913434

В файл build.gradle (модуль приложения) включите зависимость компиляции NetCipher, последняя версия 1.2:

compile 'info.guardianproject.netcipher:netcipher:1.2'

(Или вы можете скачать netcipher-1.2.jar и включить его прямо в свое приложение.)

Использование:

HttpsURLConnection netCipherconnection = NetCipher.getHttpsURLConnection(url);
netCipherconnection.connect();

BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(netCipherconnection.getInputStream()));
StringBuilder stringBuilder = new StringBuilder();
String stringHTML;
while ((stringHTML = bufferedReader.readLine()) != null)
    stringBuilder.append(stringHTML);
bufferedReader.close();
Document resultDocument = Jsoup.parse(String.valueOf(stringBuilder));
Источник

попробуйте эту работу, а сначала сделайте SSLHelper

ключевое слово: Jsoup SSl SSLHandshakeException

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;

/**
 * Created by Javad on 2017-12-05 at 8:29 PM.
 */
public class SSLHelper {

  public static void enableSSLSocket() throws KeyManagementException, NoSuchAlgorithmException {
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
      public boolean verify(String hostname, SSLSession session) {
        return true;
      }
    });

    SSLContext context = SSLContext.getInstance("TLS");
    context.init(null, new X509TrustManager[]{new X509TrustManager() {
      public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
      }

      public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
      }

      public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
      }
    }}, new SecureRandom());
    HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
  }
}

затем подключитесь к вашему серверу следующим образом:

    private void connectToServer() {
  new Thread(new Runnable() {
    @Override
    public void run() {
      try {
        SSLHelper.enableSSLSocket();
        Connection.Response response = Jsoup
          .connect("https://URL")
          .method(Connection.Method.POST)
          .data("KEY", "VALUE")
          .validateTLSCertificates(true)
          .followRedirects(true)
          .execute();
        Log.i("response", response.toString());
        Log.i("response", response.headers().toString());
        Log.i("response", response.body());

        Document doc = response.parse();
        String result = doc.body().text();

      } catch (IOException e) {
        e.printStackTrace();
        G.toast("ERROR !");
      } catch (java.security.NoSuchAlgorithmException | java.security.KeyManagementException e) {
        e.printStackTrace();
      }
    }
  }).start();
}
Источник
Другие вопросы по тегам