alfayez-expo-rasp-plus-plugin
v1.0.0
Published
Expo config plugin for RASP+ React Native security plugin
Downloads
7
Maintainers
alfayez-devReadme
expo-rasp-plus-plugin
An Expo config plugin for integrating RASP+ (Runtime Application Self-Protection) React Native security SDK into your Expo project.
Features
This plugin automatically configures your Expo project with:
Android
- Sets minimum SDK version to 23 (or higher)
- Configures Kotlin version for compatibility
- Adds required permissions for various detection features
- Initializes RASP+ in MainApplication
- Optional overlay detection in MainActivity
- Optional ProGuard configuration for code obfuscation
iOS
- Copies configuration file to the iOS project
- Adds configuration file to Xcode project resources
Prerequisites
- Expo SDK 47 or higher
- React Native >= 0.65.3
- RASP+ React Native plugin installed from your custom git repository
Installation
- First, install the RASP+ React Native plugin:
npm install <your-custom-git-link>#<release-tag>
# or
yarn add <your-custom-git-link>#<release-tag>- Install this Expo plugin:
npm install expo-rasp-plus-plugin
# or
yarn add expo-rasp-plus-pluginConfiguration
Add the plugin to your app.json or app.config.js:
Basic Configuration
{
"expo": {
"plugins": ["expo-rasp-plus-plugin"]
}
}Full Configuration
{
"expo": {
"plugins": [
[
"expo-rasp-plus-plugin",
{
"android": {
"minSdkVersion": 23,
"kotlinVersion": "2.0.0",
"enableScreenshotDetection": true,
"enableScreenRecordingDetection": true,
"enableLocationSpoofingDetection": true,
"enableUnsecureWifiDetection": true,
"enableOverlayDetection": true,
"blockEventsOnOverlay": false,
"enableProguard": true,
"talsecMode": "BACKGROUND"
}
}
]
]
}
}Configuration Options
Android Options
| Option | Type | Default | Description |
|--------|------|---------|-------------|
| minSdkVersion | number | 23 | Minimum Android SDK version |
| kotlinVersion | string | "2.0.0" | Kotlin version for the project |
| enableScreenshotDetection | boolean | false | Add DETECT_SCREEN_CAPTURE permission (Android 14+) |
| enableScreenRecordingDetection | boolean | false | Add DETECT_SCREEN_RECORDING permission (Android 15+) |
| enableLocationSpoofingDetection | boolean | false | Add location permissions for spoofing detection |
| enableUnsecureWifiDetection | boolean | false | Add WiFi and location permissions |
| enableOverlayDetection | boolean | false | Add overlay detection to MainActivity |
| blockEventsOnOverlay | boolean | false | Block touch/key events when overlay detected |
| enableProguard | boolean | false | Enable ProGuard minification |
| talsecMode | "BACKGROUND" | "FOREGROUND" | "BACKGROUND" | RASP+ initialization mode |
RASP+ Configuration File
RASP+ requires a signed and encrypted configuration file named tscfg.txt.
- Place your
tscfg.txtfile in the root of your project - The plugin will automatically copy it to the correct locations:
- Android:
android/app/src/main/assets/tscfg.txt - iOS:
ios/<ProjectName>/tscfg.txt
- Android:
Important: Ensure the file is named exactly
tscfg.txtand contains no additional characters, spaces, or new lines.
React Native Implementation
After configuration, implement the RASP+ listeners in your app:
// App.tsx
import { useTalsec } from 'talsec-react-native-security-plugin';
const actions = {
// Android & iOS
privilegedAccess: () => console.log('privilegedAccess'),
debug: () => console.log('debug'),
simulator: () => console.log('simulator'),
appIntegrity: () => console.log('appIntegrity'),
unofficialStore: () => console.log('unofficialStore'),
hooks: () => console.log('hooks'),
deviceBinding: () => console.log('deviceBinding'),
passcode: () => console.log('passcode'),
secureHardwareNotAvailable: () => console.log('secureHardwareNotAvailable'),
systemVPN: () => console.log('systemVPN'),
screenshot: () => console.log('screenshot'),
screenRecording: () => console.log('screenRecording'),
// iOS only
deviceID: () => console.log('deviceID'),
// Android only
obfuscationIssues: () => console.log('obfuscationIssues'),
devMode: () => console.log('devMode'),
adbEnabled: () => console.log('adbEnabled'),
multiInstance: () => console.log('multiInstance'),
timeSpoofing: () => console.log('timeSpoofing'),
locationSpoofing: () => console.log('locationSpoofing'),
unsecureWifi: () => console.log('unsecureWifi'),
overlay: () => console.log('overlay'), // If overlay detection enabled
};
const executionStateActions = {
allChecksFinished: () => console.log('allChecksFinished'),
};
export default function App() {
useTalsec(actions, executionStateActions);
return (
// Your app content
);
}Additional Features
Screen Capture Blocking
import { blockScreenCapture, isScreenCaptureBlocked } from 'talsec-react-native-security-plugin';
// Block screen capture
await blockScreenCapture(true);
// Unblock screen capture
await blockScreenCapture(false);
// Check if screen capture is blocked
const isBlocked = await isScreenCaptureBlocked();External ID
import { storeExternalId } from 'talsec-react-native-security-plugin';
// Store external ID for data collection
const externalId = await storeExternalId('your-uuid');Runtime Permissions
Some features require runtime permission requests. Use React Native's PermissionsAndroid:
import { PermissionsAndroid } from 'react-native';
// Request location permission for location spoofing detection
const granted = await PermissionsAndroid.request(
PermissionsAndroid.PERMISSIONS.ACCESS_FINE_LOCATION
);Building
After configuring the plugin, rebuild your app:
# For development
npx expo prebuild
# For production
npx expo build:android
npx expo build:ios
# or with EAS
eas build --platform android
eas build --platform iosTroubleshooting
Plugin not applying changes
Clear the build cache:
npx expo prebuild --cleanEnsure the plugin is correctly listed in your
app.json/app.config.js
tscfg.txt not found
- Ensure
tscfg.txtis in your project root - Verify the file has no extra characters or spaces
- Check file permissions
Kotlin version conflicts
If you encounter Kotlin version conflicts, ensure your kotlinVersion setting matches your project requirements.
License
MIT