From c118f4e69b6da369fd4ac76391bd6495f1c5940a Mon Sep 17 00:00:00 2001 From: crackededed <90209774+crackededed@users.noreply.github.com> Date: Sat, 14 Sep 2024 17:43:47 +0300 Subject: [PATCH] ISRG Root X1 certificate for android 7 and below --- app/build.gradle.kts | 3 +- .../andreyasadchy/xtra/di/XtraModule.kt | 21 ++++++++++++- app/src/main/res/raw/isrgrootx1.pem | 31 +++++++++++++++++++ gradle/libs.versions.toml | 1 + 4 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 app/src/main/res/raw/isrgrootx1.pem diff --git a/app/build.gradle.kts b/app/build.gradle.kts index 48f45fffd..b6403d992 100644 --- a/app/build.gradle.kts +++ b/app/build.gradle.kts @@ -30,7 +30,7 @@ android { minSdk = 21 targetSdk = 35 versionCode = 121 - versionName = "2.34.3" + versionName = "2.34.4" } buildTypes { @@ -85,6 +85,7 @@ dependencies { //Misc implementation(libs.okhttp) implementation(libs.okhttp.logging) + implementation(libs.okhttp.tls) implementation(libs.retrofit) implementation(libs.retrofit.converter.serialization) implementation(libs.serialization.json) diff --git a/app/src/main/java/com/github/andreyasadchy/xtra/di/XtraModule.kt b/app/src/main/java/com/github/andreyasadchy/xtra/di/XtraModule.kt index a101318d7..baad91989 100644 --- a/app/src/main/java/com/github/andreyasadchy/xtra/di/XtraModule.kt +++ b/app/src/main/java/com/github/andreyasadchy/xtra/di/XtraModule.kt @@ -1,8 +1,11 @@ package com.github.andreyasadchy.xtra.di +import android.app.Application +import android.os.Build import com.apollographql.apollo3.ApolloClient import com.apollographql.apollo3.network.okHttpClient import com.github.andreyasadchy.xtra.BuildConfig +import com.github.andreyasadchy.xtra.R import com.github.andreyasadchy.xtra.api.GraphQLApi import com.github.andreyasadchy.xtra.api.HelixApi import com.github.andreyasadchy.xtra.api.IdApi @@ -16,6 +19,8 @@ import kotlinx.serialization.json.Json import okhttp3.MediaType.Companion.toMediaType import okhttp3.OkHttpClient import okhttp3.logging.HttpLoggingInterceptor +import okhttp3.tls.HandshakeCertificates +import okhttp3.tls.decodeCertificatePem import retrofit2.Converter import retrofit2.Retrofit import retrofit2.converter.kotlinx.serialization.asConverterFactory @@ -105,11 +110,25 @@ class XtraModule { @Singleton @Provides - fun providesOkHttpClient(): OkHttpClient { + fun providesOkHttpClient(application: Application): OkHttpClient { val builder = OkHttpClient.Builder().apply { if (BuildConfig.DEBUG) { addInterceptor(HttpLoggingInterceptor().apply { level = HttpLoggingInterceptor.Level.BODY }) } + if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.N) { + try { + val certificate = application.resources.openRawResource(R.raw.isrgrootx1).bufferedReader().use { + it.readText() + }.decodeCertificatePem() + val certificates = HandshakeCertificates.Builder() + .addTrustedCertificate(certificate) + .addPlatformTrustedCertificates() + .build() + sslSocketFactory(certificates.sslSocketFactory(), certificates.trustManager) + } catch (e: Exception) { + + } + } connectTimeout(5, TimeUnit.MINUTES) writeTimeout(5, TimeUnit.MINUTES) readTimeout(5, TimeUnit.MINUTES) diff --git a/app/src/main/res/raw/isrgrootx1.pem b/app/src/main/res/raw/isrgrootx1.pem new file mode 100644 index 000000000..b85c8037f --- /dev/null +++ b/app/src/main/res/raw/isrgrootx1.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 +WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu +ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY +MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc +h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ +0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U +A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW +T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH +B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC +B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv +KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn +OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn +jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw +qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI +rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq +hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ +3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK +NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 +ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur +TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC +jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc +oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq +4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA +mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d +emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE----- diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index a1803f378..d64eecc6b 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -62,6 +62,7 @@ navigation-fragment = { module = "androidx.navigation:navigation-fragment", vers navigation-ui = { module = "androidx.navigation:navigation-ui", version.ref = "navigation" } okhttp = { module = "com.squareup.okhttp3:okhttp", version.ref = "okhttp" } okhttp-logging = { module = "com.squareup.okhttp3:logging-interceptor", version.ref = "okhttp" } +okhttp-tls = { module = "com.squareup.okhttp3:okhttp-tls", version.ref = "okhttp" } okio = { module = "com.squareup.okio:okio", version.ref = "okio" } paging-runtime = { module = "androidx.paging:paging-runtime", version.ref = "paging" } preference-ktx = { module = "androidx.preference:preference-ktx", version.ref = "preference" }