API for check device securty (JailBrake for iOS, root for Android etc.)
This API is part of the devicesecurity
extension.
:::ruby
extensions: [“devicesecurity”]
It is only applicable to Android platform. This will embed certain certificate signatures to the app that can be checked with calling: :::ruby Rho::DeviceSecurity.getAppCertificateSignatures
:::ruby Rho::DeviceSecurity.getAllowedCertificateSignatures
To determine required signature you may use this demo app: a link
Sign it with your production certificate and observe signature value after running the app. Then paste the value into build.yml. Signature value will look like Base64 encoded string, for instance ‘4o7xYWLVqbE+lK020bKX0+wnM48=’. Multiple values can be used.
:::ruby android: security:
allowed_cert_signatures: - 4o7xYWLVqbE+lK020bKX0+wnM48= - "signature1" - "signature2" - "signature3"
This will embed certain package names to the app which can be compared against actuall app intaller package. It is only applicable to Android platform. :::ruby Rho::DeviceSecurity.getInstallerPackageName
:::ruby Rho::DeviceSecurity.getAllowedInstallerPackages
For instance if you only want your app to be installed from Google Play Store, allow ‘com.android.vending’ installer package. Multiple values can be used.
:::ruby android: security:
allowed_installers: - 'com.android.vending'
Returns allowed certificates signatures inbuilt to application.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.getAllowedCertificateSignatures()
Rho::DeviceSecurity.getAllowedCertificateSignatures()
Returns allowed installer package names inbuilt to application.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.getAllowedInstallerPackages()
Rho::DeviceSecurity.getAllowedInstallerPackages()
Returns application certificates signatures.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.getAppCertificateSignatures()
Rho::DeviceSecurity.getAppCertificateSignatures()
Returns application installer package name.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.getInstallerPackageName()
Rho::DeviceSecurity.getInstallerPackageName()
Checks if there are mismatches between allowed and runtime installer packages. Will return false if no allowed installers were set.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.haveAnyInstallerIssues()
Rho::DeviceSecurity.haveAnyInstallerIssues()
Checks if there are mismatches between allowed and runtime certificates. Will return false if no allowed signatures were set.
Synchronous Return:
Method Access:
Rho.DeviceSecurity.haveAnySignatureIssues()
Rho::DeviceSecurity.haveAnySignatureIssues()
return true if application run in Debug mode
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isDebugMode()
Rho::DeviceSecurity.isDebugMode()
return true if device Jailbroken
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isDeviceJailbroken()
Rho::DeviceSecurity.isDeviceJailbroken()
return true if device rooted
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isDeviceRooted()
Rho::DeviceSecurity.isDeviceRooted()
return true is device secured. On iOS checked – device is not JailBraked, on Android checked – device is not rooted + is not simulator + not in debug mode + no signature issues + no installer issues
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isDeviceSecured()
Rho::DeviceSecurity.isDeviceSecured()
return true if application run on simulator
Synchronous Return:
Method Access:
Rho.DeviceSecurity.isRunOnSimulator()
Rho::DeviceSecurity.isRunOnSimulator()