DeviceSecurity

API for check device securty (JailBrake for iOS, root for Android etc.)

Enabling the API

This API is part of the devicesecurity extension.

extensions: ["devicesecurity"]

Setting allowed certificate signatures for the app

It is only applicable to Android platform. This will embed certain certificate signatures to the app that can be checked with calling:

Rho::DeviceSecurity.getAppCertificateSignatures

Rho::DeviceSecurity.getAllowedCertificateSignatures

To determine required signature you may use this demo app: DeviceSecurityDemo

Sign it with your production certificate and observe signature value after running the app. Then paste the value into build.yml. Signature value will look like Base64 encoded string, for instance ‘4o7xYWLVqbE+lK020bKX0+wnM48=’. Multiple values can be used.

android:
  security:
    allowed_cert_signatures:
    - "4o7xYWLVqbE+lK020bKX0+wnM48="
    - "signature1"
    - "signature2"
    - "signature3"

Setting allowed installer packages for the app

This will embed certain package names to the app which can be compared against actuall app intaller package. It is only applicable to Android platform.

Rho::DeviceSecurity.getInstallerPackageName

Rho::DeviceSecurity.getAllowedInstallerPackages

For instance if you only want your app to be installed from Google Play Store, allow ‘com.android.vending’ installer package. Multiple values can be used.

android:
  security:
    allowed_installers:
    - 'com.android.vending'

Methods

getAllowedCertificateSignatures()

Returns allowed certificates signatures inbuilt to application.

Synchronous Return:

  • ARRAY

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.getAllowedCertificateSignatures()
    • Ruby: Rho::DeviceSecurity.getAllowedCertificateSignatures()

getAllowedInstallerPackages()

Returns allowed installer package names inbuilt to application.

Synchronous Return:

  • ARRAY

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.getAllowedInstallerPackages()
    • Ruby: Rho::DeviceSecurity.getAllowedInstallerPackages()

getAppCertificateSignatures()

Returns application certificates signatures.

Synchronous Return:

  • ARRAY

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.getAppCertificateSignatures()
    • Ruby: Rho::DeviceSecurity.getAppCertificateSignatures()

getInstallerPackageName()

Returns application installer package name.

Synchronous Return:

  • STRING

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.getInstallerPackageName()
    • Ruby: Rho::DeviceSecurity.getInstallerPackageName()

haveAnyInstallerIssues()

Checks if there are mismatches between allowed and runtime installer packages. Will return false if no allowed installers were set.

Synchronous Return:

  • BOOLEAN

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.haveAnyInstallerIssues()
    • Ruby: Rho::DeviceSecurity.haveAnyInstallerIssues()

haveAnySignatureIssues()

Checks if there are mismatches between allowed and runtime certificates. Will return false if no allowed signatures were set.

Synchronous Return:

  • BOOLEAN

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.haveAnySignatureIssues()
    • Ruby: Rho::DeviceSecurity.haveAnySignatureIssues()

isDebugMode()

return true if application run in Debug mode

Synchronous Return:

  • BOOLEAN

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.isDebugMode()
    • Ruby: Rho::DeviceSecurity.isDebugMode()

isDeviceJailbroken()

return true if device Jailbroken

Synchronous Return:

  • BOOLEAN

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.isDeviceJailbroken()
    • Ruby: Rho::DeviceSecurity.isDeviceJailbroken()

isDeviceRooted()

return true if device rooted

Synchronous Return:

  • BOOLEAN

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.isDeviceRooted()
    • Ruby: Rho::DeviceSecurity.isDeviceRooted()

isDeviceSecured()

return true is device secured. On iOS checked – device is not JailBraked, on Android checked – device is not rooted + is not simulator + not in debug mode + no signature issues + no installer issues

Synchronous Return:

  • BOOLEAN

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.isDeviceSecured()
    • Ruby: Rho::DeviceSecurity.isDeviceSecured()

isRunOnSimulator()

return true if application run on simulator

Synchronous Return:

  • BOOLEAN

Method Access:

  • Class Method: This method can only be accessed via the API class object.
    • JavaScript: Rho.DeviceSecurity.isRunOnSimulator()
    • Ruby: Rho::DeviceSecurity.isRunOnSimulator()