npm
Sign UpSign In

@capacitor-community/security-provider
TypeScript icon, indicating that this package has built-in type declarations

6.0.0 • Public • Published


Android Security Provider

@capacitor-community/security-provider

Check and update the Android Security Provider in a Capacitor app.


About

Capacitor plugin with a method to check and update the Android Security Provider.

Android relies on a security Provider to provide secure network communications. However, from time to time, vulnerabilities are found in the default security provider. To protect against these vulnerabilities, Google Play services provides a way to automatically update a device's security provider to protect against known exploits. By calling Google Play services methods, you can help ensure that your app is running on a device that has the latest updates to protect against known exploits.

For example, a vulnerability was discovered in OpenSSL (CVE-2014-0224) that can leave apps open to an on-path attack that decrypts secure traffic without either side knowing. Google Play services version 5.0 offers a fix, but apps must check that this fix is installed. By using the Google Play services methods, you can help ensure that your app is running on a device that's secured against that attack.

Install

npm install @capacitor-community/security-provider
npx cap sync

Usage

import { CapacitorSecurityProvider, SecurityProviderStatus } from '@capacitor-community/security-provider';
...
    const result = await CapacitorSecurityProvider.installIfNeeded();
    if (result.status !== SecurityProviderStatus.Success && result.status != SecurityProviderStatus.NotImplemented) {
        // Do not proceed. The Android Security Provider failed to verify / install.
    }

See Sample Capacitor 5 application that uses this plugin.

API

installIfNeeded()

installIfNeeded() => Promise<{ status: SecurityProviderStatus; }>

Returns: Promise<{ status: SecurityProviderStatus; }>

Enums

SecurityProviderStatus

Members Value Description
Success 'Success' This indicates that the provider was already up to date or was successfully updated
NotImplemented 'NotImplemented' This will occur on iOS and Web as these platforms cannot call the Android Security Provider
GooglePlayServicesRepairableException 'GooglePlayServicesRepairableException' Indicates that Google Play services is out of date, disabled, etc. If this is returned a native dialog will notify and prompt the user to update.
GooglePlayServicesNotAvailableException 'GooglePlayServicesNotAvailableException' Indicates a non-recoverable error; the ProviderInstaller can't install an up-to-date Provider. You should abort running the application.

Readme

Keywords

Package Sidebar

Install

npm i @capacitor-community/security-provider

Repository

github.com/capacitor-community/security-provider

Homepage

github.com/capacitor-community/security-provider#readme

Weekly Downloads

66

Version

6.0.0

License

MIT

Unpacked Size

31.8 kB

Total Files

27

Last publish

Collaborators

  • ionicjs
  • danielprrazevedo
  • nkalupahana
  • dtarnawsky
  • ryaa
  • dallasjames
  • tafelnl
  • thegnuu
  • pbowyer
  • capcombot
  • jcesarmobile
  • maxlynch
  • mhartington
  • it_mike_s
  • byrds
  • rdlabo
  • priyankpatel
  • dwieeb
  • stewan
  • arielhernandezmusa
  • jeepq
  • start9keagan
  • boosten
  • nklayman
  • ihadeed
  • ckgaparajita
  • jpender
  • nhyatt
  • pwespi
  • epicshaggy
  • thomasvidas
  • robingenz
  • diachedelic
  • johnborges
  • tobyas
  • elylucas
  • larsmikkelsen
  • giodimiliaionic
  • brownoxford
  • mrbatista
  • bazuka5801
  • hemang
Try on RunKit
Report malware