Jump to content

[TOPIC: topicViewTemplate]
[GLOBAL: userSmallPhoto]
Photo

Android SSL - TLS 1.2 support for older devices
Started by TandG Jun 07 2018 01:07 AM

4 replies to this topic
android ssl tls
[TOPIC CONTROLS]
[/TOPIC CONTROLS]
[modOptionsDropdown]
[/modOptionsDropdown]
[reputationFilter]
[TOPIC: post.html]
#1

TandG

[GLOBAL: userInfoPane.html]
TandG
  • Contributor

  • 421 posts
  • Corona SDK

Hi all,

 
A project I work on has recently set their web services to only accept TLS 1.2, they can't enable TLS 1.0 or SSLv3 due to security issues.
 
The issue is Android devices running anything less than 5.0 have TLS 1.1 and 1.2 disabled by default. This results in those devices failing the SSL handshake with the web API. See the error below:
 
ERROR: network: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x5aae5ec0: Failure in SSL library, usually a protocol error
   error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x5cc4f55c:0x00000000): [WEB_URL] (javax.net.ssl.SSLHandshakeException)
 
From the looks of things it's fairly simple to enable TLS 1.2 via Java:
 
Can Corona implement this?
 
 
Some extra info:
PCI-DSS compliance requires disabling the use of TLS 1.0 as of July 1, 2018. I know a lot of people aren't concerned about PCI compliance, but we have to be due to the nature of the app. More and more web services will start stopping support for TLS1.0 and I imagine far more developers here will start having this issue.
 
 
Thanks,
 
Jamie
 


[TOPIC: post.html]
#2

Rob Miracle

[GLOBAL: userInfoPane.html]
Rob Miracle
  • Moderator

  • 24,865 posts
  • Corona Staff

I'll ask Jamie!

 

Rob



[TOPIC: post.html]
#3

TandG

[GLOBAL: userInfoPane.html]
TandG
  • Contributor

  • 421 posts
  • Corona SDK

Great, thanks Rob.



[TOPIC: post.html]
#4

petrsvar

[GLOBAL: userInfoPane.html]
petrsvar
  • Enthusiast

  • 53 posts
  • Corona SDK

I have the same wish. Is there any progress on this, please?



[TOPIC: post.html]
#5

TandG

[GLOBAL: userInfoPane.html]
TandG
  • Contributor

  • 421 posts
  • Corona SDK

Not that I'm aware of...

 

I ended up re-coding all my network calls natively in Java so that I could enable support myself. It was fairly awkward to mimic Corona's network calls, but it may be your best bet as I doubt this will be addressed anytime soon.




[topic_controls]
[/topic_controls]

Also tagged with one or more of these keywords: android, ssl, tls