update

Author: Tomaandr

FreeRASPDemoApp/app/build.gradle

@@ -1,18 +1,17 @@
 plugins {
-    id 'com.android.application'
-    id 'kotlin-android'
+    alias(libs.plugins.android.application)
 }
 
 android {
+    namespace "com.aheaditec.talsec.demoapp"
+
     defaultConfig {
         applicationId "com.aheaditec.talsec.demoapp"
         minSdkVersion 23
         compileSdkVersion 36
         targetSdkVersion 36
         versionCode 1
         versionName "1.0"
-
-        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
     }
 
     buildTypes {
@@ -23,24 +22,15 @@ android {
     }
 
     compileOptions {
-        sourceCompatibility JavaVersion.VERSION_1_8
-        targetCompatibility JavaVersion.VERSION_1_8
-    }
-
-    kotlinOptions {
-        jvmTarget = '1.8'
+        sourceCompatibility JavaVersion.VERSION_17
+        targetCompatibility JavaVersion.VERSION_17
     }
-
-    namespace "com.aheaditec.talsec.demoapp"
 }
 
 dependencies {
     // freeRASP SDK
-    implementation 'com.aheaditec.talsec.security:TalsecSecurity-Community:18.0.1'
+    implementation libs.talsec.security
 
-    implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
-    implementation 'androidx.core:core-ktx:1.17.0'
-    implementation 'androidx.appcompat:appcompat:1.7.1'
-    implementation 'com.google.android.material:material:1.13.0'
-    implementation 'androidx.constraintlayout:constraintlayout:2.2.1'
-}
+    implementation libs.kotlin.stdlib
+    implementation libs.bundles.androidx
+}

FreeRASPDemoApp/app/src/main/java/com/aheaditec/talsec/demoapp/TalsecApplication.kt

@@ -9,134 +9,100 @@ import com.aheaditec.talsec_security.security.api.Talsec
 import com.aheaditec.talsec_security.security.api.TalsecConfig
 import com.aheaditec.talsec_security.security.api.ThreatListener
 
-class TalsecApplication : Application(), ThreatListener.ThreatDetected {
+class TalsecApplication : Application() {
 
-    override fun onCreate() {
-        super.onCreate()
-
-        // Uncomment the following Log.e(...) to get your expectedSigningCertificateHashBase64
-        // Copy the result from logcat and assign to expectedSigningCertificateHashBase64
-        // Log.e("SigningCertificateHash", Utils.computeSigningCertificateHash(this))
-
-        val config = TalsecConfig.Builder(
-            expectedPackageName,
-            expectedSigningCertificateHashBase64)
-            .watcherMail(watcherMail)
-            .supportedAlternativeStores(supportedAlternativeStores)
-            .prod(isProd)
-            .killOnBypass(true) // determines if the app should be killed within the SDK if the callbacks are hooked/modified by an attacker
-            .build()
-        
-        ThreatListener(this, deviceStateListener, raspExecutionStateListener).registerListener(this)
-        Talsec.start(this, config)
-
-        registerActivityLifecycleCallbacks(object : ActivityLifecycleCallbacks {
-            override fun onActivityCreated(activity: Activity, bundle: Bundle?) {
-                Talsec.blockScreenCapture(activity, false)
-            }
-
-            override fun onActivityStarted(activity: Activity) {}
-
-            override fun onActivityResumed(activity: Activity) {
-                ScreenProtector.INSTANCE.registerScreenCallbacks(activity)
-            }
-
-            override fun onActivityPaused(activity: Activity) {
-                ScreenProtector.INSTANCE.unregisterScreenCallbacks(activity)
-            }
-
-            override fun onActivityStopped(activity: Activity) {}
-
-            override fun onActivitySaveInstanceState(activity: Activity, bundle: Bundle) {}
-
-            override fun onActivityDestroyed(activity: Activity) {}
-        })
-    }
+    // Listener for security threat detection events (root, debugger, emulator, tampering, etc.)
+    private val threatDetected = object : ThreatListener.ThreatDetected() {
+        override fun onRootDetected() {
+            // Set your reaction
+            println("onRootDetected")
+        }
 
-    override fun onRootDetected() {
-        // Set your reaction
-        println("onRootDetected")
-    }
+        override fun onDebuggerDetected() {
+            // Set your reaction
+            // Triggered only in release build
+            println("onDebuggerDetected")
+        }
 
-    override fun onDebuggerDetected() {
-        // Set your reaction
-        // Triggered only in release build
-        println("onDebuggerDetected")
-    }
+        override fun onEmulatorDetected() {
+            // Set your reaction
+            // Triggered only in release build
+            println("onEmulatorDetected")
+        }
 
-    override fun onEmulatorDetected() {
-        // Set your reaction
-        // Triggered only in release build
-        println("onEmulatorDetected")
-    }
+        override fun onTamperDetected() {
+            // Set your reaction
+            // Triggered only in release build
+            println("onTamperDetected")
+        }
 
-    override fun onTamperDetected() {
-        // Set your reaction
-        // Triggered only in release build
-        println("onTamperDetected")
-    }
+        override fun onUntrustedInstallationSourceDetected() {
+            // Set your reaction
+            // Triggered only in release build
+            println("onUntrustedInstallationSourceDetected")
+        }
 
-    override fun onUntrustedInstallationSourceDetected() {
-        // Set your reaction
-        // Triggered only in release build
-        println("onUntrustedInstallationSourceDetected")
-    }
+        override fun onHookDetected() {
+            // Set your reaction
+            println("onHookDetected")
+        }
 
-    override fun onHookDetected() {
-        // Set your reaction
-        println("onHookDetected")
-    }
+        override fun onDeviceBindingDetected() {
+            // Set your reaction
+            println("onDeviceBindingDetected")
+        }
 
-    override fun onDeviceBindingDetected() {
-        // Set your reaction
-        println("onDeviceBindingDetected")
-    }
+        override fun onObfuscationIssuesDetected() {
+            // Set your reaction
+            println("onObfuscationIssuesDetected")
+        }
 
-    override fun onObfuscationIssuesDetected() {
-        // Set your reaction
-        println("onObfuscationIssuesDetected")
-    }
+        override fun onMalwareDetected(suspiciousApps: List<SuspiciousAppInfo>) {
+            // Set your reaction
+            println("onMalwareDetected")
+            suspiciousApps.forEach {
+                println("Suspicious app: ${it.packageInfo.packageName}, reason: ${it.reason}")
+            }
+        }
 
-    override fun onMalwareDetected(suspiciousApps: List<SuspiciousAppInfo>) {
-        // Set your reaction
-        println("onMalwareDetected")
-        suspiciousApps.forEach {
-            println("Suspicious app: ${it.packageInfo.packageName}, reason: ${it.reason}")
+        override fun onAutomationDetected() {
+            // Set your reaction
+            println("onAutomationDetected")
         }
-    }
 
-    override fun onScreenshotDetected() {
-        // Set your reaction
-        println("onScreenshotDetected")
-    }
+        override fun onScreenshotDetected() {
+            // Set your reaction
+            println("onScreenshotDetected")
+        }
 
-    override fun onScreenRecordingDetected() {
-        // Set your reaction
-        println("onScreenRecordingDetected")
-    }
+        override fun onScreenRecordingDetected() {
+            // Set your reaction
+            println("onScreenRecordingDetected")
+        }
 
-    override fun onMultiInstanceDetected() {
-        // Set your reaction
-        println("onMultiInstanceDetected")
-    }
+        override fun onMultiInstanceDetected() {
+            // Set your reaction
+            println("onMultiInstanceDetected")
+        }
 
-    override fun onUnsecureWifiDetected() {
-        // Set your reaction
-        println("onUnsecureWifiDetected")
-    }
+        override fun onUnsecureWifiDetected() {
+            // Set your reaction
+            println("onUnsecureWifiDetected")
+        }
 
-    override fun onTimeSpoofingDetected() {
-        // Set your reaction
-        println("onTimeSpoofingDetected")
-    }
+        override fun onTimeSpoofingDetected() {
+            // Set your reaction
+            println("onTimeSpoofingDetected")
+        }
 
-    override fun onLocationSpoofingDetected() {
-        // Set your reaction
-        println("onLocationSpoofingDetected")
+        override fun onLocationSpoofingDetected() {
+            // Set your reaction
+            println("onLocationSpoofingDetected")
+        }
     }
 
     // This is optional. Use only if you are interested in device state information like device lock and HW backed keystore state
-    private val deviceStateListener = object : ThreatListener.DeviceState {
+    private val deviceState = object : ThreatListener.DeviceState() {
         override fun onUnlockedDeviceDetected() {
             // Set your reaction
             println("onUnlockedDeviceDetected")
@@ -164,23 +130,64 @@ class TalsecApplication : Application(), ThreatListener.ThreatDetected {
     }
 
     // This is optional. Use only if you are interested in RASP execution state information
-    private val raspExecutionStateListener = object : ThreatListener.RaspExecutionState() {
+    private val raspExecutionState = object : ThreatListener.RaspExecutionState() {
         override fun onAllChecksFinished() {
             println("onAllChecksFinished")
         }
     }
 
-    companion object {
-        private const val expectedPackageName = "com.aheaditec.talsec.demoapp" // Don't use Context.getPackageName!
-        private val expectedSigningCertificateHashBase64 = arrayOf(
+    override fun onCreate() {
+        super.onCreate()
+
+        // Uncomment the following Log.e(...) to get your expectedSigningCertificateHashBase64
+        // Copy the result from logcat and assign to expectedSigningCertificateHashBase64
+        // Log.e("SigningCertificateHash", Utils.computeSigningCertificateHash(this))
+
+        val config = TalsecConfig.Builder(EXPECTED_PACKAGE_NAME, EXPECTED_SIGNING_CERTIFICATE_HASH_BASE64)
+            .watcherMail(WATCHER_MAIL)
+            .supportedAlternativeStores(SUPPORTED_ALTERNATIVE_STORES)
+            .prod(IS_PROD)
+            .killOnBypass(true) // determines if the app should be killed within the SDK if the callbacks are hooked/modified by an attacker
+            .build()
+
+        ThreatListener(threatDetected, deviceState, raspExecutionState).registerListener(this)
+        Talsec.start(this, config)
+
+        registerActivityLifecycleCallbacks(object : ActivityLifecycleCallbacks {
+            override fun onActivityCreated(activity: Activity, bundle: Bundle?) {
+                Talsec.blockScreenCapture(activity, false)
+            }
+
+            override fun onActivityStarted(activity: Activity) {}
+
+            override fun onActivityResumed(activity: Activity) {
+                ScreenProtector.INSTANCE.registerScreenCallbacks(activity)
+            }
+
+            override fun onActivityPaused(activity: Activity) {
+                ScreenProtector.INSTANCE.unregisterScreenCallbacks(activity)
+            }
+
+            override fun onActivityStopped(activity: Activity) {}
+
+            override fun onActivitySaveInstanceState(activity: Activity, bundle: Bundle) {}
+
+            override fun onActivityDestroyed(activity: Activity) {}
+        })
+    }
+
+
+    private companion object {
+        private const val EXPECTED_PACKAGE_NAME = "com.aheaditec.talsec.demoapp" // Don't use Context.getPackageName!
+        private val EXPECTED_SIGNING_CERTIFICATE_HASH_BASE64 = arrayOf(
             "mVr/qQLO8DKTwqlL+B1qigl9NoBnbiUs8b4c2Ewcz0k=",
             "cVr/qQLO8DKTwqlL+B1qigl9NoBnbiUs8b4c2Ewcz0m="
         ) // Replace with your release (!) signing certificate hashes
-        private const val watcherMail = "john@example.com" // for Alerts and Reports
-        private val supportedAlternativeStores = arrayOf(
+        private const val WATCHER_MAIL = "john@example.com" // for Alerts and Reports
+        private val SUPPORTED_ALTERNATIVE_STORES = arrayOf(
             // Google Play Store and Huawei AppGallery are supported out of the box, you can pass empty array or null or add other stores like the Samsung's one:
             "com.sec.android.app.samsungapps" // Samsung Store
         )
-        private const val isProd = true
+        private const val IS_PROD = true
     }
-}
+}

FreeRASPDemoApp/build.gradle

@@ -1,28 +1,9 @@
 // Top-level build file where you can add configuration options common to all sub-projects/modules.
-buildscript {
-    ext.kotlin_version = "2.0.21"
-    repositories {
-        google()
-        mavenCentral()
-    }
-    dependencies {
-        classpath 'com.android.tools.build:gradle:8.13.2'
-        classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
-
-        // NOTE: Do not place your application dependencies here; they belong
-        // in the individual module build.gradle files
-    }
-}
-
-allprojects {
-    repositories {
-        google()
-        mavenCentral()
-        maven { url "https://europe-west3-maven.pkg.dev/talsec-artifact-repository/freerasp" }
-        maven { url 'https://jitpack.io' }
-    }
+plugins {
+    alias(libs.plugins.android.application) apply false
 }
 
-task clean(type: Delete) {
+// noinspection GrDeprecatedAPIUsage
+tasks.register('clean', Delete) {
     delete rootProject.buildDir
-}
+}

FreeRASPDemoApp/gradle.properties

@@ -18,4 +18,7 @@ android.useAndroidX=true
 # Automatically convert third-party libraries to use AndroidX
 android.enableJetifier=true
 # Kotlin code style for this project: "official" or "obsolete":
-kotlin.code.style=official
+kotlin.code.style=official
+# Temporary compatibility settings for AGP 9.0 migration
+android.builtInKotlin=true
+android.newDsl=false

FreeRASPDemoApp/gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.14.3-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-9.3.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
-zipStorePath=wrapper/dists
+zipStorePath=wrapper/dists