UI Hardening (Android)
Integration
The UI Hardening feature, which is newly added, comes as a separate file named uihardening*.aar alongside the SDK library.
-
Begin by copying the library files into your project.
We recommend placing the uihardening*.aar file inside the 'artifacts/libs' directory, similar to other libraries as mentioned here.
-
Next, specify the path to these library files in the dependencyResolutionManagement section of your project's settings.gradle file.
dependencyResolutionManagement {
...
repositories {
...
flatDir {
dirs 'artifacts/libs'
}
...
}
}
- Now, you can add the library as a dependency in your
:app:build.gradle
file.
// For Java:
debugImplementation (':uihardening-debug@aar') {
transitive = true
}
releaseImplementation (':uihardening-release@aar') {
transitive = true
}
// For Kotlin:
debugImplementation (':uihardening-debug@aar') {
exclude group: 'org.jetbrains.kotlin', module: 'kotlin-stdlib-jdk7'
transitive = true
}
releaseImplementation (':uihardening-release@aar') {
exclude group: 'org.jetbrains.kotlin', module: 'kotlin-stdlib-jdk7'
transitive = true
}
Setting Logging Callbacks
Hardening.getInstance().viewloggingCallBack();
This function sets up a way for the hardening library to report events by calling a specified function. If no function is specified, the library will still log events to the system's logcat output. However, it is crucial to note that in release versions, a callback function must be set up to avoid logging unencrypted data.
UI Hardening
Hardening.getInstance().hardenView(View v, Boolean b);
- @v: View, which needs to be made more secure
- @b: Block access to the view
This feature allows for additional security measures to be applied to a graphical user interface (GUI) view:
- Disabling access (making it inaccessible)
- Halting the processing of input events when transparent overlays are present above the UI element(s) of the application
- Blocking access to prevent passwords from being readable
To ensure that passwords cannot be read anywhere in the app, we need to implement a measure to prevent unauthorized access.
Enable Ui Hardening
Hardening.getInstance().enableViewHardener();
Activate the UI-View hardening feature. All subsequent calls contribute to strengthening the hardening process. This feature is turned on by default.
Disable Ui Hardening
Hardening.getInstance().disableViewHardener();
Disables the UI-View hardening. After this is done, any future actions will not add extra protection. You can use this setting for views that do not need extra security measures.
HardenScreen
public void onCreate(Bundle savedInstanceState) {
Hardening.hardenScreen(this); // to be called here
super.onCreate(savedInstanceState);
[...]
@param activity the activity to be hardened
This function will activate screen protection for the specified activity. Note that it can only be applied to activities and not to fragments.
Hardening.getInstance().hardenView(View v, Boolean b);
Activates the UI-View hardening. All following calls help to harden. It is turned on by default.