flutter_freerasp_dev 1.0.1

freeRASP is a Community-driven In-App Protection and User Safety suite.

freeRASP for Flutter

freeRASP for iOS is a part of security SDK for the app shielding and security monitoring. Learn more about provided features on the freeRASP's main repository first.

Usage

Step 1: Depend on Talsec library

Add dev dependency to your pubspec.yaml file:

dev_dependencies:
  flutter_freerasp_dev: 1.0.0

Dev version

This version disables some security checks. Android disabled checks:

• onRootDetected
• onEmulatorDetected
• onHookDetected
• onTamperDetected

iOS disabled checks:

• onSignatureDetected

For both platforms disabled checks:

• onDebuggerDetected

Step 2: Setup the Configuration for your App

At the most top widget of your app, override its initState:

@override
void initState() {
  super.initState();
  //TODO: freeRASP implementation
}

Then create config and add your expected values.
Example:

    /// Provide TalsecConfig your expected data and then use them in TalsecApp
    TalsecConfig config = TalsecConfig(
        expectedSigningCertificateHash: 'HASH OF YOUR APP',
        expectedPackageName:
            'com.ahead_itec.flutter.flutter_demo_talsec_example',
        appBundleId: '[YOUR_APP_BUNDLE_ID]',
        appTeamId: '[YOUR TEAM ID]',
        watcherMail: 'example@ahead-itec.com',
        supportedAlternativeStores: ["com.sec.android.app.samsungapps"]);

expectedSigningCertificateHash and expectedPackageName are needed for Android version of app.
appBundleId and appTeamId are needed for iOS version of app.

Step 3: Handle detected threats

Create VoidCallback functions to handle detected threats.
For Android you need to handle:

• onRootDetected
• onEmulatorDetected
• onHookDetected
• onFingerPrintDetected
• onTamperDetected

For iOS you need to handle:

• onSignatureDetected
• onJailbreakDetected
• onRuntimeManipulationDetected
• onPasscodeDetected
• onPasscodeChangeDetected
• onSimulatorDetected
• onMissingSecureEnclaveDetected

For both platforms you need to handle:

• onDebuggerDetected

Example:

TalsecApp app = TalsecApp(
        config: config,
        onRootDetected: (){
          // TODO: Handle threat
        },
        onEmulatorDetected: () {
          // TODO: Handle threat
        },
        onHookDetected: () {
          // TODO: Handle threat
        },
        onFingerprintDetected: () {
          // TODO: Handle threat
        },
        onDebuggerDetected: () {
          // TODO: Handle threat
        },
        onTamperDetected: () {
          // TODO: Handle threat
        }
);

Step 4: Start talsec and listen to changes

Lastly, start talsec to detected and listen to threat detections:

app.start();
app.listen();

Example implementation can be found under Example section at pub.dev