Android developer portal with tools, libraries, and apps
Kevlar is a security toolkit (library) for Android apps. It is divided in 3 packages (antipiracy, rooting and integrity), each containing specific tooling and components.
Its purpose is to be an auditing tool, used to inspect the security environment on Android devices.
A security environment is the security state of a device, which can be probed with the different packages kevlar provides.
Each package focuses on a specific security environment area:
- antipiracy detects the presence of pirate software installed on the device (user-wise security);
- rooting detects the presence of root access, custom binaries, and abnormal OS status (system-wise security);
- integrity detects certain types of tampering attempts your app may have been targeted with (app-wise security).
Kevlar is intended to be used any time it is deemed necessary to determine whether the device your app is running on can be regarded as secure, according to your policies and security requirements.
Manage passwords like a pro with industry level features.
Safe to run has been developed in order to simplify development of secure android applications. In particular the goal of the project is to provide a simple, configurable way for app developers to define when an app should or should not run and a simple way of calling that check.
Extensions to encrypt DataStore using Tink.
⚠️ This tiny library will be maintained until an official solution for DataStore encryption will be released by Google.
A heuristic evasion library for Android. A KTX scoping function that prevents code from analysis.
An open source app locker, vault, call blocker application.
A library for encryption/decryption and digitally media (photo/video) signing/verifying.
This project is created to provide standards for Android application security before making it live to Google Play.
The Hardware Security SDK is the best framework for using Security Keys (YubiKeys, Nitrokeys, …) and smart cards on Android. It supports NFC and USB connections.
Our SDK extends your app with:
- FIDO two-factor authentication
- SSH authentication with PIV/OpenPGP
- TLS client certificate authentication
A small and simple library for managing trial period in your android app.
This is an lightweight library for save and get data secure into the Keystore which encrypted and decrypted.
Now make your applications more secure with Hasher. Simple and easy to use Hashing library that enables you to Hash in MD5 (Message Digest), SHA-1, SHA-256, SHA-392, and SHA-512.
BillingProtector is a small Android library aiming to check the device state & purchases security. Its main purpose is to block a transition if the application has been modified or patched; it can also be used to prevent applications from being executed on an unprotected/insecure environment.
A simple Android Library for performing encryption with AES.
A demo of how to implement AES encryption in Android & iOS.
A simple way to encrypt your secure data like passwords into a native .so library.
This is a lightweight library to generate a 64-bit random key and using AES Algorithm to encrypt/decrypt that random number to get a Secret Key and save it to Key Store.
This library especially supports for Realm Encryption. That means when using you don't have to care about how to get a random key, where to save that key for safe, ... this library will take it.
Email and password signup is a technology that has not been innovated on in decades. Signup forms are cumbersome and repetitive. When users forget their credentials and fail to sign in, you can lose customers. So, that's why here twitter digits comes in picture.
Reactive Auth APIs Wrapper Library for Google's Smart Lock for Passwords API.
Secure and efficient cryptography library for Android. (Auto fix SecureRandom bugs in API 18 and below.)
Features
- AES-256 encryption algorithm
- CBC/CTR mode of operations
- Block padding with PKCS7 (only with CBC)
- Computationally secure random salt (of cipher block size)
- Password stretching with PBKDF2
- Random IV generated on each encryption (16 bytes)
- Supports MD5, SHA1, and SHA2 hash functions
- Generate secure keys with SecureRandom or random.org
- Asymmetric encryption with RSA
- Auto handle large data by using hybrid asymmetric encryption
- Supported RSA key sizes are 2048 bits and 4096 bits
The MSAL library for Android gives your app the ability to begin using the Microsoft Cloud by supporting Microsoft Azure Active Directory and Microsoft Accounts in a converged experience using industry standard OAuth2 and OpenID Connect. The library also supports Azure AD B2C.
Storing Credentials securely on a Device is a must. To make that possible we have combined the Android Keystore for generating Cryptographic keys, and storing them securely and using those keys we encrypt the credentials and save them in the SharedPreferences.
Encryptor4j consists of a set of wrapper and utility classes that make leveraging cryptography in your application alot easier.
It enables developers to encrypt and decrypt with little room for error, using few lines of code and supports all popular encryption algorithms such as AES, DES, RSA etc.
Simple wrapper library in Kotlin is designed to save secret to local shared preferences using Android default security and Android Keystore. KeystoreCompat ensures handling LockScreen and compatibility among diversity of Android versions.
It`s a simple java library for encryption. This library contains next encryption methods:
- AES
- ARCFOUR
- Blowfish
- DES
- DESede
- RSA
- HMAC
- PBE
It`s realy easy to use.
Passay is password policy enforcement for Java including password generators and validators helpers.
One tool to manage key generation, key storing and encryption on different APIs of Android.
As you may know android provided API to use keystore that is stored in system only from API 18. They introduced AndroidKeyStore provider that is responsible to manage this.
But as always there are underwater stones. Up to API 23 you are only able to create asymmetric keys using AndroidKeyStore provider. Also algorithms that you can use are limited. And what about devices below API 18 ?
This project provides API that wraps default JCA api and AndroidKeyStore API and makes it easy to create, manage and use your keys on any andorid API.
This is a reference guide for Android Security things.