Use SSLContext instead of SSLCertificateSocketFactory

sunkup · sunkup · commit 13044658d370 · 2025-11-19T15:01:13.000+01:00
diff --git a/lib/src/test/java/at/bitfire/cert4android/CustomCertManagerTest.kt b/lib/src/test/java/at/bitfire/cert4android/CustomCertManagerTest.kt
@@ -10,16 +10,18 @@
 
 package at.bitfire.cert4android
 
-import android.net.SSLCertificateSocketFactory
 import org.apache.http.conn.ssl.AllowAllHostnameVerifier
 import org.junit.Assume.assumeNotNull
 import org.junit.Before
 import org.junit.Test
 import java.io.IOException
 import java.net.URL
+import java.security.SecureRandom
 import java.security.cert.CertificateException
 import java.security.cert.X509Certificate
 import javax.net.ssl.HttpsURLConnection
+import javax.net.ssl.SSLContext
+import javax.net.ssl.TrustManager
 import javax.net.ssl.X509TrustManager
 
 class CustomCertManagerTest {
@@ -99,21 +101,17 @@ class CustomCertManagerTest {
         val conn = url.openConnection() as HttpsURLConnection
         try {
             conn.hostnameVerifier = AllowAllHostnameVerifier()
-            conn.sslSocketFactory = object : SSLCertificateSocketFactory(1000) {
-                init {
-                    setTrustManagers(arrayOf(object : X509TrustManager {
-                        override fun checkClientTrusted(
-                            chain: Array<out X509Certificate?>?,
-                            authType: String?
-                        ) { /* OK */ }
-                        override fun checkServerTrusted(
-                            chain: Array<out X509Certificate?>?,
-                            authType: String?
-                        ) { /* OK */ }
-                        override fun getAcceptedIssuers(): Array<out X509Certificate?>? = emptyArray()
-                    }))
-                }
-            }
+            conn.sslSocketFactory = SSLContext.getInstance("TLS").apply {
+                init(
+                    null,
+                    arrayOf<TrustManager>(object : X509TrustManager {
+                        override fun checkClientTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
+                        override fun checkServerTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
+                        override fun getAcceptedIssuers(): Array<X509Certificate> = emptyArray()
+                    }),
+                    SecureRandom()
+                )
+            }.socketFactory
             conn.inputStream.read()
             val certs = mutableListOf<X509Certificate>()
             conn.serverCertificates.forEach { certs += it as X509Certificate }
