search

google / conscrypt

Conscrypt is a Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension.
Apache License 2.0
1.28k stars 272 forks source link

Illegal class access:attempting to access com.android.org.conscrypt.SSLParametersImpl #530

Closed all4coding closed 6 years ago

all4coding commented 6 years ago

We use reflect to access SSLParametersImpl to Hook the OpenSSLSocketImpl.So we can monitor the SSL handShake time in startHandshake().But it does not work at Android 8.1 and Android P.I know it is not a part of Android Public API. But why the "reflect" is not work at Android 8.1 and Android P

all4coding commented 6 years ago 
private static SSLParametersImpl reflectSSLParaImpl(SSLSocketFactory sslSocketFactory) {
    SSLParametersImpl sslParameters;
    try {
        sslParameters = (SSLParametersImpl) ReflectUtil.getTheFieldValue(
                ReflectUtil.getAssignableField(
                sslSocketFactory.getClass(), SSLParametersImpl.class, false),
                sslSocketFactory);
    } catch (Throwable throwable) {
        sslParameters = null;
    }

    parameters = sslParameters;
    return reflectSSLParaImpl(sslParameters);
}

private static SSLParametersImpl reflectSSLParaImpl(SSLParametersImpl sslParameters) {
    try {
        Method method = SSLParametersImpl.class.getDeclaredMethod("clone", new Class[0]);
        method.setAccessible(true);
        return ((SSLParametersImpl) method.invoke(sslParameters, new Object[0]));
    } catch (Throwable throwable) {
        QLog.enet("reflectSSLParaImpl Throwable:", throwable);
    }

    return parameters;
}
all4coding commented 6 years ago

SSLParametersImpl is public below Android 8.1 and change to private at Android 8.1 and Android P?

flooey commented 6 years ago

Android is restricting the ability of apps to call non-SDK interfaces starting in P. See https://developer.android.com/about/versions/pie/restrictions-non-sdk-interfaces for details.