Kotlin Insecure Certificate Validation
Description
Detects X509TrustManager implementations in Kotlin code that bypass SSL/TLS certificate validation. checkServerTrusted is expected to throw a CertificateException for any chain it does not trust; an implementation whose body is empty or never throws accepts every certificate, including self-signed and attacker-issued ones. A network attacker can then present their own certificate, terminate the TLS session and read or modify the traffic (man-in-the-middle), defeating the confidentiality and integrity the channel was meant to provide.
Detection Strategy
• Identifies class declarations and anonymous object expressions (object : X509TrustManager { ... }) that implement the TrustManager interface
• Inspects the certificate validation logic of checkServerTrusted and checkClientTrusted for bodies that cannot reject a chain (empty body, unconditional return, no exception path)
• Reports a vulnerability when the TrustManager implementation appears to accept every certificate without proper validation checks
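The strategy above, as an added heuristic detector written for this page (it is not Fluid Attacks' scanner and makes no claim about how that scanner is implemented): it blanks comments and string literals so stray braces cannot confuse block matching, locates every class or anonymous object that implements X509TrustManager, isolates the body of checkServerTrusted and flags the implementation when that body cannot reject a chain. It also notes whether getAcceptedIssuers returns an empty array, a common companion of trust-all code. The two Kotlin inputs are constructed for the example.

```python
"""Heuristic scanner for trust-all X509TrustManager implementations in Kotlin source.
Constructed example for illustration, not Fluid Attacks' scanner."""
import re
from typing import Dict, List, Optional

# Comments and string literals are blanked (newlines kept) so braces inside them
# cannot confuse the brace matching below.
_NOISE_RE = re.compile(r'//[^\n]*|/\*.*?\*/|"(?:\\.|[^"\\\n])*"', re.S)
# 'object : X509TrustManager {' or 'class Foo(...) : X509TrustManager {'
_TRUST_MANAGER_RE = re.compile(
    r"(?:object\s*:|class\s+\w+\s*(?:\([^)]*\))?\s*:)\s*[^{]*?\bX509TrustManager\b[^{]*\{"
)
_METHOD_RE = re.compile(r"fun\s+checkServerTrusted\s*\(")
_EMPTY_ISSUERS_RE = re.compile(
    r"fun\s+getAcceptedIssuers[^{=]*[{=]\s*(?:return\s+)?"
    r"(?:arrayOf\(\)|emptyArray\(\)|arrayOfNulls(?:<[^>]*>)?\(0\))"
)


def mask_comments_and_strings(src: str) -> str:
    """Replace comment and string-literal characters with spaces; length and line breaks are preserved."""
    return _NOISE_RE.sub(lambda m: re.sub(r"[^\n]", " ", m.group(0)), src)


def _matching_brace(text: str, open_idx: int) -> int:
    """Index of the '}' that closes the '{' at open_idx, or -1 if unbalanced."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return i
    return -1


def _function_body(text: str, fun_match: "re.Match[str]") -> Optional[str]:
    """Body of the Kotlin function whose 'fun name(' is fun_match: block body or '=' expression body."""
    i, depth = fun_match.end() - 1, 0  # index of the '(' opening the parameter list
    while i < len(text):
        if text[i] == "(":
            depth += 1
        elif text[i] == ")":
            depth -= 1
            if depth == 0:
                break
        i += 1
    rest = text[i + 1:]
    head = re.match(r"\s*(?::\s*[\w.<>?]+)?\s*(\{|=)", rest)  # optional return type, then '{' or '='
    if head is None:
        return None
    if head.group(1) == "=":
        return rest[head.end():].split("\n", 1)[0]
    open_idx = i + head.end()  # absolute index of the '{'
    close_idx = _matching_brace(text, open_idx)
    return None if close_idx == -1 else text[open_idx + 1:close_idx]


def accepts_any_chain(body: str) -> bool:
    """True when a checkServerTrusted body has no statement that could throw, so every chain passes."""
    return body.strip() in ("", "return", "return;", "Unit")


def scan_kotlin(src: str) -> List[Dict[str, object]]:
    """Report each X509TrustManager implementation whose checkServerTrusted accepts everything."""
    masked = mask_comments_and_strings(src)
    findings: List[Dict[str, object]] = []
    for tm in _TRUST_MANAGER_RE.finditer(masked):
        open_idx = tm.end() - 1
        close_idx = _matching_brace(masked, open_idx)
        if close_idx == -1:
            continue
        body = masked[open_idx + 1:close_idx]
        method = _METHOD_RE.search(body)
        if method is None:
            continue  # nothing to judge here; a concrete class must override it anyway
        method_body = _function_body(body, method)
        if method_body is not None and accepts_any_chain(method_body):
            findings.append({
                "line": masked.count("\n", 0, tm.start()) + 1,
                "reason": "checkServerTrusted never rejects a chain",
                "empty_accepted_issuers": _EMPTY_ISSUERS_RE.search(body) is not None,
            })
    return findings


# Constructed Kotlin inputs for the example (not taken from any real project).
VULNERABLE_KT = """val trustAllCerts = arrayOf(object : X509TrustManager {
    override fun checkClientTrusted(chain: Array<X509Certificate>, authType: String) {}
    override fun checkServerTrusted(chain: Array<X509Certificate>, authType: String) {
        // TODO "validate" }   <- a brace inside a comment must not end the body early
    }
    override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
})
"""
SECURE_KT = """class DelegatingTrustManager(private val delegate: X509TrustManager) : X509TrustManager {
    override fun checkClientTrusted(chain: Array<X509Certificate>, authType: String) =
        delegate.checkClientTrusted(chain, authType)
    override fun checkServerTrusted(chain: Array<X509Certificate>, authType: String) {
        if (chain.isEmpty()) throw CertificateException("empty chain")
        delegate.checkServerTrusted(chain, authType)  // path validation against the trust store
    }
    override fun getAcceptedIssuers(): Array<X509Certificate> = delegate.acceptedIssuers
}
"""
```

Running scan_kotlin(VULNERABLE_KT) yields one finding on line 1 with empty_accepted_issuers set, while scan_kotlin(SECURE_KT) yields none, because the delegating body contains a call that can throw. The scanner is intentionally conservative: it flags only bodies that provably cannot reject a chain, so a body that calls some helper and swallows its exceptions would need a human or a deeper analysis to catch.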
Vulnerable code example
import java.security.SecureRandom
import java.security.cert.X509Certificate
import javax.net.ssl.SSLContext
import javax.net.ssl.X509TrustManager

val trustAllCerts = arrayOf(object : X509TrustManager {
    override fun checkClientTrusted(chain: Array<X509Certificate>, authType: String) {} // Insecure: empty implementation accepts any certificate
    override fun checkServerTrusted(chain: Array<X509Certificate>, authType: String) {} // Insecure: never throws, so any server chain (self-signed, forged) is accepted
    override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
})

// Installing this trust manager turns off server authentication for every connection built from the context
val sslContext = SSLContext.getInstance("TLS").apply { init(null, trustAllCerts, SecureRandom()) }
✅ Secure code example
import java.security.KeyStore
import javax.net.ssl.SSLContext
import javax.net.ssl.TrustManagerFactory

// Create trust managers backed by the platform's default trusted CAs
val tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).apply {
    init(null as KeyStore?) // null selects the system default trust store for certificate validation
}

// Hand the default trust managers to the SSLContext; server chains are now validated against trusted CAs.
// This covers chain validation only; hostname verification remains the HTTPS client's responsibility.
val sslContext = SSLContext.getInstance("TLS").apply {
    init(null, tmf.trustManagers, null)
}