2021-04-26 17:29:13 +02:00
|
|
|
include::../description.adoc[]
|
2021-02-02 15:02:10 +01:00
|
|
|
|
2021-04-26 17:29:13 +02:00
|
|
|
== Noncompliant Code Example
|
2020-06-30 12:49:37 +02:00
|
|
|
|
2021-04-26 17:29:13 +02:00
|
|
|
``++javax.net.ssl.SSLContext++`` library:
|
2021-02-02 15:02:10 +01:00
|
|
|
|
2021-04-26 17:29:13 +02:00
|
|
|
----
|
|
|
|
|
val sc: SSLContext = SSLContext.getInstance("TLSv1.1") // Noncompliant
|
|
|
|
|
----
|
2020-06-30 12:49:37 +02:00
|
|
|
|
2021-04-26 17:29:13 +02:00
|
|
|
https://square.github.io/okhttp/[okhttp] library:
|
2021-02-02 15:02:10 +01:00
|
|
|
|
2021-04-26 17:29:13 +02:00
|
|
|
----
|
|
|
|
|
val spec: ConnectionSpec = ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
|
|
|
|
|
.tlsVersions(TlsVersion.TLS_1_1) // Noncompliant
|
|
|
|
|
.build()
|
|
|
|
|
----
|
2020-06-30 12:49:37 +02:00
|
|
|
|
2021-04-26 17:29:13 +02:00
|
|
|
== Compliant Solution
|
|
|
|
|
|
|
|
|
|
``++javax.net.ssl.SSLContext++`` library:
|
2020-06-30 12:49:37 +02:00
|
|
|
|
|
|
|
|
----
|
2021-04-26 17:29:13 +02:00
|
|
|
val sc: SSLContext = SSLContext.getInstance("TLSv1.2") // Compliant
|
2020-06-30 12:49:37 +02:00
|
|
|
----
|
|
|
|
|
|
2021-04-26 17:29:13 +02:00
|
|
|
https://square.github.io/okhttp/[okhttp] library:
|
2020-06-30 12:49:37 +02:00
|
|
|
|
|
|
|
|
----
|
2021-04-26 17:29:13 +02:00
|
|
|
val spec: ConnectionSpec = ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
|
|
|
|
|
.tlsVersions(TlsVersion.TLS_1_2) // Compliant
|
|
|
|
|
.build()
|
2020-06-30 12:49:37 +02:00
|
|
|
----
|
|
|
|
|
|
|
|
|
|
include::../see.adoc[]
|
