Security with Android

Starting with ProGuard

Avoiding SSL Exploits

val playSecurity = AdessoSecurityProvider.getDefaultSecurityProvider(context)

playSecurity.update()

playSecurity.updateAsync(callback)

publicKeyPinner

.add( “*.adesso.de”, CertificateUtility.fromAssets(this)[0], PublicKeyPinner.Algorithm.SHA_1 )

.add(“**.adesso.de”, CertificateUtility.fromAssets(this)[0])

.add(“www.adesso.de”, CertificateUtility.fromAssets(this)[0])

.pin()

trustStore

.trust( “alias”, CertificateUtility.fromFile( filesDir.path, “app_certificate”, CertificateUtility.Extension.DER ) )

AdessoSecurityProvider

.getOkHttpCertPinner()

.pin(okhttpClientBuilder, socketProvider.getFactory(), trustStore.getTrustManagers()[0])

Data Security

val encrypted = aesEncrypt(“text”) { specs = AesAlgorithmSpecs.GcmSpecs()}

val encrypted = aesEncrypt(“text”) { specs = AesAlgorithmSpecs.CbcSpecs()}

rsaSign(textToSign) { pair, signValue ->

keyPair = pair

signedText = signValue

}

rsaVerify(textToSign, signedText, keyPair.public)

val secureHash =

sha(SecureHash.Algorithm.SHA2_512) { “text” }

val secureHash=

sha(SecureHash.Algorithm.SHA3_512, EncodingType.HEX) { “text” }

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store