I am developing a native android app in java, that needs to communicate with a server, which is very old and only have TLSv1 connectivity with limited number of cipher suites available.
Building the app using Android Studio Chipmunk (2021.2.1) compileSDK 31 minSDK 19 targetSDK 25
My code as follows:
System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2,SSL3");
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
}
};
ExecutorService ex = Executors.newSingleThreadExecutor();
Callable<String> connectedCallableTask = () -> {
SSLContext sslContext = SSLContext.getInstance("TLSv1");
sslContext.init( null, trustAllCerts, new java.security.SecureRandom());
SSLSocket sslSocket = (SSLSocket) sslFactory.createSocket(serverip, serverport);
sslSocket.startHandshake();
...
...
}
Future<String ContentFuture = ex.submit(connectedCallableTask);
...
...
The code stopped/crashed at sslSocket.startHandshake();
After researched for a while, I found out the cipher suites from the client is not accepted by the server.
After I talked to others, they shared a wireshark packets to me. One of the Cipher Suites the server accepts is "TLS_RSA_WITH_RC4_128_MD5". So, I thought I can simply add the following ciper suites in my client side code:
SSLParameters params = new SSLParameters();
params.setProtocols(new String[] {"TLSv1"});
params.setCipherSuites(new String[] {"TLS_RSA_WITH_RC4_18_MD5"});
sslSocket.setSSLParameters(params);
sslSocket.startHandshake();
It throws me an exception: Unsupported Cipher Suites
What could I do to connect to the old server, which I have no idea whats in there.