GitHub/JustTrustMe
1
0
Fork 0
mirror of https://github.com/Fuzion24/JustTrustMe.git synced 2026-03-15 04:43:17 +08:00
Code Issues Packages Projects Releases 1 Wiki Activity

Updated TrustManagerImpl Support

Browse Source 
The previous versions were only hooking 1 of 3 methods used to
perform server certificate checks. This commit adds the remaining
2 methods.
This commit is contained in:
Jake Valletta
2017-06-19 13:40:37 -07:00
parent 40594e973a
commit e9bbd648b6
1 changed files with 59 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
app/src/main/java/just/trust/me/Main.java
View File

@@ -6,38 +6,38 @@ import android.util.Log;
import android.webkit.SslErrorHandler;
import android.webkit.WebView;
import java.io.IOException;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.List;
import java.security.SecureRandom;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.HostNameResolver;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.SingleClientConnManager;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.HttpParams;
import java.io.IOException;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XC_MethodReplacement;
@@ -47,10 +47,10 @@ import static de.robv.android.xposed.XposedHelpers.callMethod;
import static de.robv.android.xposed.XposedHelpers.callStaticMethod;
import static de.robv.android.xposed.XposedHelpers.findAndHookConstructor;
import static de.robv.android.xposed.XposedHelpers.findAndHookMethod;
import static de.robv.android.xposed.XposedHelpers.findClass;
import static de.robv.android.xposed.XposedHelpers.getObjectField;
import static de.robv.android.xposed.XposedHelpers.newInstance;
import static de.robv.android.xposed.XposedHelpers.setObjectField;
import static de.robv.android.xposed.XposedHelpers.findClass;
public class Main implements IXposedHookLoadPackage {
@@ -251,21 +251,46 @@ public class Main implements IXposedHookLoadPackage {
/* Only for newer devices should we try to hook TrustManagerImpl */
if (hasTrustManagerImpl()) {
/* TrustManagerImpl Hooks */
/* external/conscrypt/src/platform/java/org/conscrypt/TrustManagerImpl.java */
Log.d(TAG, "Hooking com.android.org.conscrypt.TrustManagerImpl for: " + currentPackageName);
/* public void checkServerTrusted(X509Certificate[] chain, String authType) */
findAndHookMethod("com.android.org.conscrypt.TrustManagerImpl", lpparam.classLoader,
"checkServerTrusted", X509Certificate[].class, String.class,
new XC_MethodReplacement() {
@Override
protected Object replaceHookedMethod(MethodHookParam param) throws Throwable {
return 0;
}
});
/* external/conscrypt/src/platform/java/org/conscrypt/TrustManagerImpl.java#217 */
/* public List<X509Certificate> checkServerTrusted(X509Certificate[] chain,
String authType, String host) throws CertificateException */
Log.d(TAG, "Hooking com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(X509Certificate[]) for: " + currentPackageName);
findAndHookMethod("com.android.org.conscrypt.TrustManagerImpl", lpparam.classLoader,
"checkServerTrusted", X509Certificate[].class, String.class,
String.class, new XC_MethodReplacement() {
@Override
protected Object replaceHookedMethod(MethodHookParam param) throws Throwable {
ArrayList<X509Certificate> list = new ArrayList<X509Certificate>();
return list;
}
});
}
"checkServerTrusted", X509Certificate[].class, String.class,
String.class, new XC_MethodReplacement() {
@Override
protected Object replaceHookedMethod(MethodHookParam param) throws Throwable {
ArrayList<X509Certificate> list = new ArrayList<X509Certificate>();
return list;
}
});
/* public List<X509Certificate> checkServerTrusted(X509Certificate[] chain,
String authType, SSLSession session) throws CertificateException */
findAndHookMethod("com.android.org.conscrypt.TrustManagerImpl", lpparam.classLoader,
"checkServerTrusted", X509Certificate[].class, String.class,
SSLSession.class, new XC_MethodReplacement() {
@Override
protected Object replaceHookedMethod(MethodHookParam param) throws Throwable {
ArrayList<X509Certificate> list = new ArrayList<X509Certificate>();
return list;
}
});
}
} // End Hooks
/* Helpers */