mir/kdeconnect-android
2
0
Fork 0
mirror of https://github.com/KDE/kdeconnect-android synced 2025-08-31 14:15:14 +00:00
Code Issues Releases Wiki Activity

Remove specific list of ciphers

Browse Source 
We can let the system use the full list when negotiating since we no longer
support Android < 5.0
This commit is contained in:
Albert Vaca Cintora
2023-03-05 17:19:47 +01:00
parent 4b3ddf9cc4
commit aae3518bb9
1 changed files with 1 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/org/kde/kdeconnect/Helpers/SecurityHelpers/SslHelper.java
View File

@@ -222,19 +222,7 @@ public class SslHelper {
}
private static void configureSslSocket(SSLSocket socket, boolean isDeviceTrusted, boolean isClient) throws SocketException {
// These cipher suites are most common of them that are accepted by kde and android during handshake
// FIXME: Check if we can remove this and let Android chose
ArrayList<String> supportedCiphers = new ArrayList<>();
supportedCiphers.add("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"); // API 20+
supportedCiphers.add("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"); // API 20+
supportedCiphers.add("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"); // API 20+
supportedCiphers.add("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"); // API 20+
supportedCiphers.add("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"); // API 11+
socket.setEnabledCipherSuites(supportedCiphers.toArray(ArrayUtils.EMPTY_STRING_ARRAY));
socket.setSoTimeout(10000);
socket.setSoTimeout(10000);
if (isClient) {
socket.setUseClientMode(true);
} else {