hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
75b13da4e422c6f00519b51a3d29017cebf40aab
codeql/java/ql/test/query-tests/security/CWE-295/AndroidMissingCertificatePinning/Test4/Test.java
Tony Torralba bd8f35bef7 Java: Fix FPs in Missing certificate pinning 
Local URIs should never require pinning
2023-12-12 18:02:12 +01:00

34 lines
1.1 KiB
Java
Raw Blame History

package com.example;
import java.net.URL;
import java.net.URLConnection;
import java.security.KeyStore;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import android.content.res.Resources;
class Test {
void test1(Resources resources) throws Exception {
KeyStore keyStore = KeyStore.getInstance("BKS");
keyStore.load(resources.openRawResource(R.raw.cert), null);
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
URL url = new URL("http://www.example.com/");
HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection();
urlConnection.setSSLSocketFactory(sslContext.getSocketFactory());
}
void test2() throws Exception {
URL url = new URL("http://www.example.com/");
HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); // $hasNoTrustedResult
}
}
Reference in New Issue View Git Blame Copy Permalink