API for check device securty (JailBrake for iOS, root for Android etc.)
This API is part of the devicesecurity extension.
extensions: ["devicesecurity"]
It is only applicable to Android platform. This will embed certain certificate signatures to the app that can be checked with calling:
Rho::DeviceSecurity.getAppCertificateSignatures Rho::DeviceSecurity.getAllowedCertificateSignatures
To determine required signature you may use this demo app: DeviceSecurityDemo
Sign it with your production certificate and observe signature value after running the app. Then paste the value into build.yml. Signature value will look like Base64 encoded string, for instance ‘4o7xYWLVqbE+lK020bKX0+wnM48=’. Multiple values can be used.
RhoMobile Suite Documentationandroid:
security:
allowed_cert_signatures:
- "4o7xYWLVqbE+lK020bKX0+wnM48="
- "signature1"
- "signature2"
- "signature3"
This will embed certain package names to the app which can be compared against actuall app intaller package. It is only applicable to Android platform.
Rho::DeviceSecurity.getInstallerPackageName Rho::DeviceSecurity.getAllowedInstallerPackages
For instance if you only want your app to be installed from Google Play Store, allow ‘com.android.vending’ installer package. Multiple values can be used.
android:
security:
allowed_installers:
- 'com.android.vending'
Returns allowed certificates signatures inbuilt to application.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.getAllowedCertificateSignatures() Rho::DeviceSecurity.getAllowedCertificateSignatures()
Returns allowed installer package names inbuilt to application.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.getAllowedInstallerPackages() Rho::DeviceSecurity.getAllowedInstallerPackages()
Returns application certificates signatures.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.getAppCertificateSignatures() Rho::DeviceSecurity.getAppCertificateSignatures()
Returns application installer package name.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.getInstallerPackageName() Rho::DeviceSecurity.getInstallerPackageName()
Checks if there are mismatches between allowed and runtime installer packages. Will return false if no allowed installers were set.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.haveAnyInstallerIssues() Rho::DeviceSecurity.haveAnyInstallerIssues()
Checks if there are mismatches between allowed and runtime certificates. Will return false if no allowed signatures were set.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.haveAnySignatureIssues() Rho::DeviceSecurity.haveAnySignatureIssues()
return true if application run in Debug mode
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isDebugMode() Rho::DeviceSecurity.isDebugMode()
return true if device Jailbroken
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isDeviceJailbroken() Rho::DeviceSecurity.isDeviceJailbroken()
return true if device rooted
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isDeviceRooted() Rho::DeviceSecurity.isDeviceRooted()
return true is device secured. On iOS checked – device is not JailBraked, on Android checked – device is not rooted + is not simulator + not in debug mode + no signature issues + no installer issues
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isDeviceSecured() Rho::DeviceSecurity.isDeviceSecured()
return true if application run on simulator
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isRunOnSimulator() Rho::DeviceSecurity.isRunOnSimulator()