Use TLSv1.3 if available

2025-07-23 01:45:50 +00:00 · 2020-06-15 14:16:45 +02:00 · 2020-06-15 14:16:45 +02:00 · 76a808cb0d
commit 76a808cb0d
parent 7710db7612
2 changed files with 16 additions and 11 deletions
--- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpClient.java
+++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpClient.java
@ -71,16 +71,21 @@ public class HttpClient {
                SSLContext sslContext;

                try {
-                    sslContext = SSLContext.getInstance("TLSv1.2");
-                } catch (NoSuchAlgorithmException tlsv12Exception) {
+                    sslContext = SSLContext.getInstance("TLSv1.3");
+                } catch (NoSuchAlgorithmException tlsv13Exception) {
                    try {
-                        Timber.w("TLSv1.2 is not supported in this device; falling through TLSv1.1");
-                        sslContext = SSLContext.getInstance("TLSv1.1");
-                    } catch (NoSuchAlgorithmException tlsv11Exception) {
-                        Timber.w("TLSv1.1 is not supported in this device; falling through TLSv1.0");
-                        sslContext = SSLContext.getInstance("TLSv1");
-                        // should be available in any device; see reference of supported protocols in
-                        // http://developer.android.com/reference/javax/net/ssl/SSLSocket.html
+                        Timber.w("TLSv1.3 is not supported in this device; falling through TLSv1.2");
+                        sslContext = SSLContext.getInstance("TLSv1.2");
+                    } catch (NoSuchAlgorithmException tlsv12Exception) {
+                        try {
+                            Timber.w("TLSv1.2 is not supported in this device; falling through TLSv1.1");
+                            sslContext = SSLContext.getInstance("TLSv1.1");
+                        } catch (NoSuchAlgorithmException tlsv11Exception) {
+                            Timber.w("TLSv1.1 is not supported in this device; falling through TLSv1.0");
+                            sslContext = SSLContext.getInstance("TLSv1");
+                            // should be available in any device; see reference of supported protocols in
+                            // http://developer.android.com/reference/javax/net/ssl/SSLSocket.html
+                        }
                    }
                }

--- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/TLSSocketFactory.java
+++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/TLSSocketFactory.java
@ -74,8 +74,8 @@ public class TLSSocketFactory extends SSLSocketFactory {
    }

    private Socket enableTLSOnSocket(Socket socket) {
-        if(socket != null && (socket instanceof SSLSocket)) {
-            ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2"});
+        if((socket instanceof SSLSocket)) {
+            ((SSLSocket)socket).setEnabledProtocols(new String[] {"TLSv1.1", "TLSv1.2", "TLSv1.3"});
        }
        return socket;
    }