npm - react-native-device-defense - Versions diffs - 1.0.0 → 1.0.2 - Mend

react-native-device-defense 1.0.0 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/src/api.ts CHANGED Viewed

@@ -9,6 +9,7 @@ import type {
   BlockOnSecurityThreatOptions,
   SecurityStatus,
   SecurityThreat,
+  SSLSecurityStatus,
 } from './types';
 /**
@@ -52,6 +53,12 @@ class DeviceSecurity {
         hasMagisk: false,
         isDebuggable: false,
         isEmulator: false,
+        hasSSLValidationBypass: false,
+        hasSSLPinningBypass: false,
+        hasProxyConfiguration: false,
+        hasModifiedSSLLibraries: false,
+        hasCertificateTampering: false,
+        hasSSLSecurityIssue: false,
       };
     }
@@ -64,6 +71,38 @@ class DeviceSecurity {
     }
   }
+  /**
+   * Get detailed SSL security status
+   */
+  async getSSLSecurityStatus(): Promise<SSLSecurityStatus> {
+    if (Platform.OS !== 'android') {
+      // iOS: no-op for now, return secure status
+      return {
+        hasSSLValidationBypass: false,
+        hasSSLPinningBypass: false,
+        hasProxyConfiguration: false,
+        hasModifiedSSLLibraries: false,
+        hasCertificateTampering: false,
+        hasSSLSecurityIssue: false,
+      };
+    }
+    try {
+      const statusJson = await NativeDeviceSecurity.getSSLSecurityStatus();
+      return JSON.parse(statusJson) as SSLSecurityStatus;
+    } catch (error) {
+      console.error('DeviceSecurity: Error getting SSL security status', error);
+      return {
+        hasSSLValidationBypass: false,
+        hasSSLPinningBypass: false,
+        hasProxyConfiguration: false,
+        hasModifiedSSLLibraries: false,
+        hasCertificateTampering: false,
+        hasSSLSecurityIssue: false,
+      };
+    }
+  }
   /**
    * Check if device is rooted (synchronous, Android only)
    */
@@ -160,6 +199,104 @@ class DeviceSecurity {
     }
   }
+  // ===== SSL Security Methods =====
+  /**
+   * Check if SSL validation has been bypassed
+   */
+  hasSSLValidationBypass(): boolean {
+    if (Platform.OS !== 'android') {
+      return false;
+    }
+    try {
+      return NativeDeviceSecurity.hasSSLValidationBypass();
+    } catch (error) {
+      console.error('DeviceSecurity: Error checking SSL validation bypass', error);
+      return false;
+    }
+  }
+  /**
+   * Check if SSL pinning bypass tools are present
+   */
+  hasSSLPinningBypass(): boolean {
+    if (Platform.OS !== 'android') {
+      return false;
+    }
+    try {
+      return NativeDeviceSecurity.hasSSLPinningBypass();
+    } catch (error) {
+      console.error('DeviceSecurity: Error checking SSL pinning bypass', error);
+      return false;
+    }
+  }
+  /**
+   * Check if proxy is configured (potential MITM)
+   */
+  hasProxyConfiguration(): boolean {
+    if (Platform.OS !== 'android') {
+      return false;
+    }
+    try {
+      return NativeDeviceSecurity.hasProxyConfiguration();
+    } catch (error) {
+      console.error('DeviceSecurity: Error checking proxy configuration', error);
+      return false;
+    }
+  }
+  /**
+   * Check if SSL libraries have been modified
+   */
+  hasModifiedSSLLibraries(): boolean {
+    if (Platform.OS !== 'android') {
+      return false;
+    }
+    try {
+      return NativeDeviceSecurity.hasModifiedSSLLibraries();
+    } catch (error) {
+      console.error('DeviceSecurity: Error checking modified SSL libraries', error);
+      return false;
+    }
+  }
+  /**
+   * Check if certificates have been tampered with
+   */
+  hasCertificateTampering(): boolean {
+    if (Platform.OS !== 'android') {
+      return false;
+    }
+    try {
+      return NativeDeviceSecurity.hasCertificateTampering();
+    } catch (error) {
+      console.error('DeviceSecurity: Error checking certificate tampering', error);
+      return false;
+    }
+  }
+  /**
+   * Comprehensive SSL security check
+   */
+  hasSSLSecurityIssue(): boolean {
+    if (Platform.OS !== 'android') {
+      return false;
+    }
+    try {
+      return NativeDeviceSecurity.hasSSLSecurityIssue();
+    } catch (error) {
+      console.error('DeviceSecurity: Error checking SSL security', error);
+      return false;
+    }
+  }
   /**
    * Block app when security threat detected
    * This will show an alert and potentially exit the app
@@ -215,6 +352,12 @@ class DeviceSecurity {
       hasMagisk: false,
       isDebuggable: false,
       isEmulator: false,
+      hasSSLValidationBypass: false,
+      hasSSLPinningBypass: false,
+      hasProxyConfiguration: false,
+      hasModifiedSSLLibraries: false,
+      hasCertificateTampering: false,
+      hasSSLSecurityIssue: false,
     };
   }
 }

package/src/components/SecurityBlockedScreen.tsx CHANGED Viewed

@@ -38,6 +38,11 @@ const THREAT_TITLES: Record<SecurityThreat, string> = {
   magisk_detected: 'Phát hiện Magisk',
   debugger_detected: 'Phát hiện Debugger',
   emulator_detected: 'Phát hiện Bộ giả lập',
+  ssl_validation_bypass: 'SSL Validation bị bypass',
+  ssl_pinning_bypass: 'SSL Pinning bị bypass',
+  proxy_configuration: 'Phát hiện Proxy (MITM)',
+  modified_ssl_libraries: 'SSL Library đã sửa đổi',
+  certificate_tampering: 'Certificate bị can thiệp',
 };
 const THREAT_DESCRIPTIONS: Record<SecurityThreat, string> = {
@@ -52,6 +57,11 @@ const THREAT_DESCRIPTIONS: Record<SecurityThreat, string> = {
   magisk_detected: 'Phát hiện Magisk - công cụ root ẩn danh.',
   debugger_detected: 'Phát hiện debugger đang gắn vào ứng dụng.',
   emulator_detected: 'Ứng dụng đang chạy trên bộ giả lập, không an toàn cho môi trường production.',
+  ssl_validation_bypass: 'SSL certificate validation đã bị bypass, kết nối có thể không an toàn.',
+  ssl_pinning_bypass: 'Phát hiện công cụ SSL pinning bypass (Frida, Xposed...) - tấn công MITM có thể xảy ra.',
+  proxy_configuration: 'Phát hiện cấu hình proxy - có thể là dấu hiệu của tấn công MITM.',
+  modified_ssl_libraries: 'SSL libraries đã bị sửa đổi - có thể dẫn đến kết nối không an toàn.',
+  certificate_tampering: 'Phát hiện certificate đã bị can thiệp - kết nối có thể bị theo dõi.',
 };
 /**

package/src/hooks/useDeviceSecurity.ts CHANGED Viewed

@@ -2,7 +2,7 @@
  * React hook for device security
  */
-import { useCallback, useEffect, useState } from 'react';
+import { useCallback, useEffect, useRef, useState } from 'react';
 import { Platform } from 'react-native';
 import deviceSecurity from '../api';
 import type {
@@ -14,12 +14,7 @@ import type {
 export function useDeviceSecurity(
   options: UseDeviceSecurityOptions = {},
 ): UseDeviceSecurityReturn {
-  const {
-    onSecurityThreat,
-    blockOnThreat = false,
-    blockOptions,
-    checkInterval = 0,
-  } = options;
+  const { checkInterval = 0 } = options;
   const [isSecure, setIsSecure] = useState<boolean | null>(null);
   const [isLoading, setIsLoading] = useState(true);
@@ -28,6 +23,12 @@ export function useDeviceSecurity(
   );
   const [error, setError] = useState<Error | null>(null);
+  // Use refs for options to avoid infinite loops when inline objects/functions are passed
+  const optionsRef = useRef(options);
+  useEffect(() => {
+    optionsRef.current = options;
+  }, [options]);
   const checkSecurity = useCallback(async () => {
     if (Platform.OS !== 'android') {
       setIsSecure(true);
@@ -45,14 +46,16 @@ export function useDeviceSecurity(
       // Handle security threats
       if (!status.isSecure) {
+        const currentOptions = optionsRef.current;
         // Call callback for each threat
         for (const threat of status.threats) {
-          onSecurityThreat?.(threat, status);
+          currentOptions.onSecurityThreat?.(threat, status);
         }
         // Block if requested
-        if (blockOnThreat) {
-          deviceSecurity.blockOnSecurityThreat(blockOptions);
+        if (currentOptions.blockOnThreat) {
+          deviceSecurity.blockOnSecurityThreat(currentOptions.blockOptions);
         }
       }
     } catch (err) {
@@ -63,7 +66,7 @@ export function useDeviceSecurity(
     } finally {
       setIsLoading(false);
     }
-  }, [onSecurityThreat, blockOnThreat, blockOptions]);
+  }, []);
   const recheck = useCallback(async () => {
     await checkSecurity();

package/src/types.ts CHANGED Viewed

@@ -12,7 +12,30 @@ export type SecurityThreat =
   | 'xposed_detected'
   | 'magisk_detected'
   | 'debugger_detected'
-  | 'emulator_detected';
+  | 'emulator_detected'
+  | 'ssl_validation_bypass'
+  | 'ssl_pinning_bypass'
+  | 'proxy_configuration'
+  | 'modified_ssl_libraries'
+  | 'certificate_tampering';
+/**
+ * SSL Security Status
+ */
+export interface SSLSecurityStatus {
+  /** SSL validation has been bypassed */
+  hasSSLValidationBypass: boolean;
+  /** SSL pinning bypass tools detected */
+  hasSSLPinningBypass: boolean;
+  /** Proxy configuration detected (potential MITM) */
+  hasProxyConfiguration: boolean;
+  /** SSL libraries have been modified */
+  hasModifiedSSLLibraries: boolean;
+  /** Certificate tampering detected */
+  hasCertificateTampering: boolean;
+  /** Any SSL security issue detected */
+  hasSSLSecurityIssue: boolean;
+}
 /**
  * Detailed security status
@@ -44,6 +67,18 @@ export interface SecurityStatus {
   isDebuggable: boolean;
   /** Running on emulator */
   isEmulator: boolean;
+  /** SSL validation has been bypassed */
+  hasSSLValidationBypass: boolean;
+  /** SSL pinning bypass tools detected */
+  hasSSLPinningBypass: boolean;
+  /** Proxy configuration detected */
+  hasProxyConfiguration: boolean;
+  /** SSL libraries have been modified */
+  hasModifiedSSLLibraries: boolean;
+  /** Certificate tampering detected */
+  hasCertificateTampering: boolean;
+  /** Any SSL security issue detected */
+  hasSSLSecurityIssue: boolean;
   /** Additional details about detection */
   details?: Record<string, boolean | string | number>;
 }