Skip to content

dtarnawsky/capacitor-plugin-security-provider

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

android

android

 
 

dist

dist

 
 

ios

ios

 
 

src

src

 
 

.eslintignore

.eslintignore

 
 

.gitignore

.gitignore

 
 

.prettierignore

.prettierignore

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

CapacitorPluginSecurityProvider.podspec

CapacitorPluginSecurityProvider.podspec

 
 

README.md

README.md

 
 

package.json

package.json

 
 

rollup.config.js

rollup.config.js

 
 

tsconfig.json

tsconfig.json

 
 

Repository files navigation

capacitor-plugin-security-provider

Capacitor plugin with methods to check and update the Android Security Provider.

Android relies on a security Provider to provide secure network communications. However, from time to time, vulnerabilities are found in the default security provider. To protect against these vulnerabilities, Google Play services provides a way to automatically update a device's security provider to protect against known exploits. By calling Google Play services methods, you can help ensure that your app is running on a device that has the latest updates to protect against known exploits.

For example, a vulnerability was discovered in OpenSSL (CVE-2014-0224) that can leave apps open to an on-path attack that decrypts secure traffic without either side knowing. Google Play services version 5.0 offers a fix, but apps must check that this fix is installed. By using the Google Play services methods, you can help ensure that your app is running on a device that's secured against that attack.

Install

npm install capacitor-plugin-security-provider
npx cap sync

Usage

import { CapacitorSecurityProvider } from 'capacitor-plugin-security-provider';
...
    const result = await CapacitorSecurityProvider.installIfNeeded();
    if (!result.status == SecurityProviderStatus.Success && result.status != SecurityProviderStatus.NotImplemented) {
        // Do not proceed. We have a failure.
    }

API

installIfNeeded()

installIfNeeded() => Promise<{ status: SecurityProviderStatus; }>

Returns: Promise<{ status: SecurityProviderStatus; }>

Enums

SecurityProviderStatus

Members Value Description
Success 'Success' This indicates that the provider was already up to date or was successfully updated
NotImplemented 'NotImplemented' This will occur on iOS and Web as these platforms cannot call the Android Security Provider
GooglePlayServicesRepairableException 'GooglePlayServicesRepairableException' Indicates that Google Play services is out of date, disabled, etc. If this is returned a native dialog will notify and prompt the user to update.
GooglePlayServicesNotAvailableException 'GooglePlayServicesNotAvailableException' Indicates a non-recoverable error; the ProviderInstaller can't install an up-to-date Provider. You should abort running the application.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages