use Conscrypt as security provider if available (#23984)

Summary: This PR adds support to use Conscrypt as Security Provider if available runtime. Consscrypt supports TLS 1.2 on Android 4.x and TLS 1.3 on all Android versions. Fixes issues (ex #23151) with HTTPS connections on Android 4.x. Just add below to your project build.gradle and it'll use it. ```gradle implementation('org.conscrypt:conscrypt-android:2.0.0') ``` [Android] [Changed] - Add TLS 1.3 support to all Android versions using Conscrypt. Pull Request resolved: #23984 Differential Revision: D14506000 Pulled By: cpojer fbshipit-source-id: 58bf18f7203d20519fb4451bae83f01e2f020a44
facebook · Mar 18, 2019 · 75af15e · 75af15e
1 parent eec2495
commit 75af15e
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/ReactAndroid/src/main/java/com/facebook/react/modules/network/OkHttpClientProvider.java b/ReactAndroid/src/main/java/com/facebook/react/modules/network/OkHttpClientProvider.java
@@ -13,6 +13,8 @@
 import com.facebook.common.logging.FLog;
 
 import java.io.File;
+import java.security.Provider;
+import java.security.Security;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.TimeUnit;
@@ -69,7 +71,14 @@ public static OkHttpClient.Builder createClientBuilder() {
       .writeTimeout(0, TimeUnit.MILLISECONDS)
       .cookieJar(new ReactCookieJarContainer());
 
-    return enableTls12OnPreLollipop(client);
+    try {
+      Class ConscryptProvider = Class.forName("org.conscrypt.OpenSSLProvider");
+      Security.insertProviderAt(
+        (Provider) ConscryptProvider.newInstance(), 1);
+      return client;
+    } catch (Exception e) {
+      return enableTls12OnPreLollipop(client);
+    }
   }
 
   public static OkHttpClient.Builder createClientBuilder(Context context) {