freerasp 0.0.3 copy "freerasp: ^0.0.3" to clipboard
freerasp: ^0.0.3 copied to clipboard

Published 3 years agoverified publishertalsec.app• Latest: 7.0.0
outdated

Metadata

freeRASP is a Community-driven In-App Protection and User Safety suite.

More...

freeRASP for Flutter #

freeRASP for Flutter is a part of security SDK for the app shielding and security monitoring. Learn more about provided features on the freeRASP's main repository first.

Usage #

Step 1: Prepare Talsec library #

Add dependency to your pubspec.yaml file

dependencies:
  freerasp: 1.0.0

and run pub get.

iOS setup #

After depending on plugin:

  • Open terminal
  • Navigate to your Flutter project
  • Switch to ios folder
  • Run pod install
cd ios
pod install

Note: .symlinks folder should be now visible under your ios folder.

  • Open ios folder of Flutter project in xcode
  • Go to Product > Scheme > Edit Scheme... > Build (dropdown arrow) > Pre-actions
  • Hit + and then New Run Script Action
  • Set Provide build setting from to Runner
  • Use the following code to use an appropriate Talsec for a release or debug build:
cd "${SRCROOT}/.symlinks/plugins/freerasp/ios"
if [ "${CONFIGURATION}" = "Release" ]; then
    rm -rf ./TalsecRuntime.xcframework
    ln -s ./Release/TalsecRuntime.xcframework/ TalsecRuntime.xcframework
else
    rm -rf ./TalsecRuntime.xcframework
    ln -s ./Debug/TalsecRuntime.xcframework/ TalsecRuntime.xcframework
fi
  • close window

Then resolve warnings in xcode project:

  • Go to Show the Issue navigator
  • Click twice on Update to recommended settings under Runner project issue > Perform changes
  • Click twice on Update to recommended settings under Pods project issue > Perform changes

Note: Issues should be clear now.

Android setup #

  • From root of your project, go to android > app > build.gradle
  • In defaultConfig update minSdkVersion to (at least) level 19
android {
...
defaultConfig {
    ...
    minSdkVersion 19
    ...
    }
...
}

Release version #

Release version enables all checks - root/jailbreak, emulator/simulator, tamper, hook, signing, passcode...

Dev version #

This version disables some security checks.

Android disabled checks:

  • onEmulatorDetected
  • onTamperDetected

iOS disabled checks:

  • onSignatureDetected

For both platforms disabled checks:

  • onDebuggerDetected

Step 2: Setup the Configuration for your App #

Convert your top most widget to stateful and override its initState:

@override
void initState() {
  super.initState();
  //TODO: freeRASP implementation
}

Then create config and provide androidConfig and/or IOSConfig Example:

        /// Provide TalsecConfig your expected data and then use them in TalsecApp
        TalsecConfig config = TalsecConfig(
    
          /// For Android
            androidConfig: AndroidConfig(
            expectedPackageName: 'YOUR_PACKAGE_NAME',
            expectedSigningCertificateHash: 'HASH_OF_YOUR_APP',
            supportedAlternativeStores: ["com.sec.android.app.samsungapps"],
          ),
    
          /// For iOS
          IOSConfig: IOSconfig(
            appBundleId: 'YOUR_APP_BUNDLE_ID',
            appTeamId: 'YOUR_APP_TEAM_ID',
          ),
    
          watcherMail: 'john@example.com',
        );

expectedSigningCertificateHash and expectedPackageName are needed for Android version of app.
appBundleId and appTeamId are needed for iOS version of app.
Note: If you publish on the Google Play Store and/or Huawei AppGallery, you don't have to assign anything.

Step 3: Provide callback handler #

Create VoidCallback functions to handle detected threats.
For Android you can handle:

  • onRootDetected
  • onEmulatorDetected
  • onHookDetected
  • onFingerPrintDetected
  • onTamperDetected

For iOS you can handle:

  • onSignatureDetected
  • onJailbreakDetected
  • onRuntimeManipulationDetected
  • onPasscodeDetected
  • onPasscodeChangeDetected
  • onSimulatorDetected
  • onMissingSecureEnclaveDetected

For both platforms you can handle:

  • onDebuggerDetected

Example:

    TalsecCallback callback = TalsecCallback(
      /// For Android
      androidCallback: AndroidCallback(
          onRootDetected: () => print('Root detected'),
          onEmulatorDetected: () => print('Emulator detected'),
          onFingerprintDetected: () => print('Fingerprint detected'),
          onHookDetected: () => print('Hook detected'),
          onTamperDetected: () => print('Tamper detected'),
      ),

      /// For iOS
      IOSCallback: IOScallback(
        onSignatureDetected: () => print('Signature detected'),
        onRuntimeManipulationDetected: () => print('Runtime manipulation detected'),
        onJailbreakDetected: () => print('Jailbreak detected'),
        onPasscodeChangeDetected: () => print('Passcode change detected'),
        onPasscodeDetected: () => print('Passcode detected'),
        onSimulatorDetected: () => print('Simulator detected'),
        onMissingSecureEnclaveDetected: () => print('Missing secure enclave detected'),
      ),

      /// Debugger is common for both platforms
      onDebuggerDetected: () => print("Debugger detected"),
    );

Step 4: Start talsec and listen to changes #

Start talsec to detect threats:

TalsecApp app = TalsecApp(
      config: config,
      callback: callback,
    );

app.start();

Metadata

511
likes
0
points
27.1k
downloads

Publisher

verified publishertalsec.app

Weekly Downloads

Metadata

freeRASP is a Community-driven In-App Protection and User Safety suite.

Repository (GitHub)
View/report issues

License

unknown (license)

Dependencies

flutter

More

Packages that depend on freerasp

Back