update qcloud sdk to 1.5.70

Author: jordanqin

QCloudFoundation/foundation/build.gradle

@@ -7,8 +7,8 @@ android {
         minSdkVersion 15
         targetSdkVersion 28
 
-        versionCode 10569
-        versionName "1.5.69"
+        versionCode 10570
+        versionName "1.5.70"
 
         testInstrumentationRunner 'androidx.test.runner.AndroidJUnitRunner'
 

QCloudFoundation/foundation/src/main/java/com/tencent/qcloud/core/http/OkHttpClientImpl.java

@@ -27,12 +27,18 @@
 import com.tencent.qcloud.core.http.interceptor.RetryInterceptor;
 import com.tencent.qcloud.core.http.interceptor.TrafficControlInterceptor;
 
+import java.io.ByteArrayInputStream;
+import java.security.KeyStore;
+import java.security.SecureRandom;
 import java.util.concurrent.TimeUnit;
 
 import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509TrustManager;
 
 import okhttp3.Call;
@@ -74,8 +80,11 @@ public void init(QCloudHttpClient.Builder b, HostnameVerifier hostnameVerifier,
 //                .addNetworkInterceptor(new HttpMetricsInterceptor())
                 .addInterceptor(logInterceptor)
                 .addInterceptor(new RetryInterceptor(b.retryStrategy))
-                .addInterceptor(new TrafficControlInterceptor())
-                .addInterceptor(redirectInterceptor);
+                .addInterceptor(new TrafficControlInterceptor());
+        // 设置重定向
+        if(b.redirectEnable){
+            builder.addInterceptor(redirectInterceptor);
+        }
         // 绕过ssl
         if(!b.verifySSLEnable){
             try {
@@ -102,13 +111,44 @@ public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                             }
                         }
                 };
-                SSLContext sslContext = SSLContext.getInstance("SSL");
+                SSLContext sslContext = SSLContext.getInstance("TLS");
                 sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
                 builder.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager)trustAllCerts[0]);
             } catch (Exception e){
                 e.printStackTrace();
             }
         }
+
+        // 设置客户端证书
+        if(b.clientCertificateBytes != null) {
+            try {
+                // 加载客户端证书
+                KeyStore clientKeyStore = KeyStore.getInstance("BKS");
+                if (b.clientCertificateBytes != null) {
+                    clientKeyStore.load(new ByteArrayInputStream(b.clientCertificateBytes), b.clientCertificatePassword);
+                } else {
+                    throw new IllegalStateException("No client certificate provided");
+                }
+
+                // 创建一个KeyManager，用于提供客户端证书
+                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+                keyManagerFactory.init(clientKeyStore, b.clientCertificatePassword);
+                KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
+
+                // 创建一个TrustManager，用于信任服务器证书
+                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+                trustManagerFactory.init((KeyStore) null);
+                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
+
+                // 创建一个SSLContext，并设置KeyManager和TrustManager
+                SSLContext sslContext = SSLContext.getInstance("TLS");
+                sslContext.init(keyManagers, trustManagers, new SecureRandom());
+                builder.sslSocketFactory(sslContext.getSocketFactory(), (X509TrustManager) trustManagers[0]);
+            } catch (Exception e) {
+                e.printStackTrace();
+            }
+        }
+
         okHttpClient = builder.build();
         redirectInterceptor.setClient(okHttpClient);
     }

QCloudFoundation/foundation/src/main/java/com/tencent/qcloud/core/http/QCloudHttpClient.java

@@ -314,6 +314,10 @@ public final static class Builder {
         List<String> prefetchHost = new LinkedList<>();
         boolean dnsCache = false;
         boolean verifySSLEnable = true;
+        boolean redirectEnable = false;
+
+        byte[] clientCertificateBytes;
+        char[] clientCertificatePassword;
 
         public Builder() {
         }
@@ -374,6 +378,22 @@ public Builder setVerifySSLEnable(boolean verifySSLEnable) {
             return this;
         }
 
+        /**
+         * 设置tls客户端证书
+         * @param certificateBytes 客户端证书字节数组, 需要为BKS格式
+         * @param password BKS文件的密码，如果你的BKS文件没有密码，请传入null
+         */
+        public Builder setClientCertificate(byte[] certificateBytes, char[] password) {
+            this.clientCertificateBytes = certificateBytes;
+            this.clientCertificatePassword = password;
+            return this;
+        }
+
+        public Builder setRedirectEnable(boolean redirectEnable) {
+            this.redirectEnable = redirectEnable;
+            return this;
+        }
+
         public QCloudHttpClient build() {
             if (retryStrategy == null) {
                 retryStrategy = RetryStrategy.DEFAULT;