Android Security SDK, also known as Haotian SDK, is an intelligent analysis platform based on massive threat intelligence data, connecting mobile, cloudThe PC's full chain security data, using the deep learning AI platform to carry out correlation analysis from a large number of security events, can sense potential Internet threats and APT events, and can analyze and identify the infrastructure and technical means of the attack camp, bid farewell to the passive defense situation, and provide users with a more secure Internet experience.
Client integration steps
Please integrate the aar file provided by this SDK into the application.
The aar file provided by this SDK already contains AndroidManifest.xml, which confuses the configuration.No additional configuration is required, unless the SDK needs to be configured to a non main process. See the chapter "Multi process support" for the configuration method.
The aar package contains the so packages of armeabi, armeabi-v7a, arm64-v8a, x86, and x86_64. If the compatible abi types of the integrated app are less than this aar, you should add the AbiFilter configuration of the ndk in the build.gradle file, and select the abi supported by this app to prevent the introduction of so for all five abis from causing the loss of other so files on a specific abi.
API interface
Set user consent privacy protocol interface
Call this interface to tell the security SDK user whether he or she has agreed to the privacy protocol.
Before agreeing to the privacy agreement, all calls to the security SDK will not take effect. Methods with return values will get empty return values, and the initialization process will be suspended after the delay until the privacy agreement is agreed.
String appkey, seckey: used for server access verification. These two keys are uniquely associated with the package name and signature of the integration host.If the package name or signature changes, it needs to be reassigned.
Open the security service interface
Start the security service by calling this interface.
Ensure that this interface is called after initialization.When calling this interface, ensure that it is in the same process as the init interface call.If these two conditions are not met, starting the security service will fail, and this interface will return false.This interface is recommended to be called as early as possible after the initialization interface is called.If you need to avoid the performance overhead during application startup, please call this interface when necessary.
If you call this interface before you agree to the privacy agreement, the startup process will be suspended and will automatically continue after you call the method of agreeing to the privacy agreement.
boolean HTH.start()
Return value description:
The return value of this interface means whether the security service process is correctly started.
If initialization is not called in the same process, or an empty context, appkey, seckey is passed in for initialization, this interface will return false.Otherwise, this interface returns true.
Get the current ZToken interface (return immediately)
You can get the current ztoken by calling this interface.This value is the index used to obtain cloud fingerprint and security factor, and it is variable and cannot be applied to host business.This interface will scan the security environment if it meets the passed in parameter conditions.
Please note that the value of ztoken changes and will be updated regularly, so please do not save ztoken for multiple use.
Please select one of the following two methods for use. The difference is whether it contains custom parameters.
a) String account_id is the account ID, which can be null.
b) Int host_call_env: call the eventId of the scene.Please obtain the eventId corresponding to the use scenario from the appendix list.
c) Sring parm (optional): a json string that can pass custom parameters to the security environment for scanning. It can be null.
be careful
It is prohibited to save ZToken in the host. The value of ZToken is variable.
Get the current ZToken interface (delay callback return)
You can get the current ztoken by calling this method.This value is the index used to obtain cloud fingerprint and security factor, and it is variable and cannot be applied to host business.Please note that the value of ztoken changes and will be updated regularly, so please do not save ztoken for multiple use.
This method is an asynchronous time consuming method, and a timeout is required.
void HTH.gzfi(Context context,String account_id,int host_call_env,String parm, int timeout, GzfiCallBack callback)
Parameter Description
a) String account_id is the account ID, which can be null.
b) Int host_call_env is eventId;This value is the security environment scanning call scenario. When it is equal to 0, the security environment scanning will not be called. If the string 3300-3400 is passed in, the security environment scanning will be called. You can choose to pass in according to the business.
c) Sring parm is a json string, which can pass custom parameters to the security environment for scanning. It can be null.
d) Int timeout is the timeout.Please set a value greater than 0 in seconds. If an illegal value (0 or negative value) is passed in, the default timeout of 20 seconds will be used.
e) GzfiCallback callback: callback interface, which returns resultCode and ztoken result methods.
public interface GzfiCallback {void onComplete(int resultCode, String ztoken, String errorMsg);}
The meanings and corresponding relationships of the resultCode, ztoken and errorMessage of GzfiCallback are shown in the following table:
Result code
Meaning of result code
ztoken
error message
one
Cloud fingerprint has been generated successfully
ZToken issued by the cloud for cloud fingerprint query
nothing
-1
uninitialized
The default ztoken generated locally. At this time, cloud generation may not be completed, and fingerprints may not be queried
nothing
-2
No network
The default ztoken generated locally. At this time, cloud generation may not be completed, and fingerprints may not be queried
nothing
-3
Network exception
The default ztoken generated locally. At this time, cloud generation may not be completed, and fingerprints may not be queried
nothing
-4
Get timeout
The default ztoken generated locally. At this time, cloud generation may not be completed, and fingerprints may not be queried
nothing
-5
Sdk internal error
The default ztoken generated locally. At this time, cloud generation may not be completed, and fingerprints may not be queried
Error information, for troubleshooting
-6
Cloud service error
The default ztoken generated locally. At this time, cloud generation may not be completed, and fingerprints may not be queried
Error information, for troubleshooting
Remove GzfiCallback interface
Call this method repeatedly to remove the registered GzfiCallback.If the business has exited and the registered callback is no longer needed, call this method to remove the callback from the list.
Take the asynchronous gzfi method used in the Activity interface as an example. If the interface is destroyed, the incoming GzfiCallback has not been recalled, and you want the GzfiCallback to no longer be recalled, you need to call the remove method to remove it from the queue.
If it is not removed, the following consequences may be caused:1. Memory leak: Because a callback holds an activity object and the SDK holds a reference to the callback, the activity cannot be released, resulting in a memory leak.2. Logic execution exception: if the code logic in the callback is written before the business exits, a callback after the business is launched may lead to code execution exception, for example, a parameter has been recycled, resulting in a null pointer exception.
void removeGzfiCallback(GzfiCallback callback)
Parameter description:
GzfiCallback callback: GzfiCallback object to be removed from the callback list.
Use the process correctly
Please follow the steps below to use this SDK:
Step 1: After the user agrees to the privacy agreement, call 4.1 Agree to the privacy agreement interface.
Step 2: Call the initialization method of 4.2 in the onCreate method of Application.The initialization method and the privacy agreement interface do not need to distinguish the time before and after relationship.
Step 3: After calling the initialization method, call the 4.3 Start Security Service method to start the security service.If the agree privacy protocol interface has not been called at the time of calling to pass in true, the security service will be enabled after the privacy protocol is agreed. In this case, it is not necessary to call the enable security service method again.
Step 4: Call the 4.4 or 4.5 method to obtain the ztoken.The difference between the two methods is as follows:
method
Recommended usage scenarios
remarks
4.4: gzfi method (return immediately)
The business does not rely strongly on fingerprints, or the results need to be obtained in real time.
The ztoken obtained by this method for the first time is more likely to be generated locally. At this time, the cloud has not yet generated fingerprints.
The business strongly depends on fingerprint. When the fingerprint is not successfully generated, it can wait for a period of time.
This method is called when the cloud has not generated a fingerprint, which may take some time. If the cloud has generated a fingerprint, this method will call back immediately after calling.
Step 5: If the synchronization method of 4.4 is used, use the results directly.If the asynchronous method of 4.5 is used, judge the result code provided by the method. If it is 1, it indicates that the cloud fingerprint has been generated. You can use the obtained ztoken to query the cloud fingerprint.If the result code is not 1, you can try to obtain it again after a certain time.
If the 4.5 asynchronous gzfi method is called, and the business logic has exited before the callback, and you no longer want GzfiCallback to be called back, you need to call the 4.6 removal method to remove the GzfiCallback object from the callback list.
Multi process support
The Haotian SDK supports multiple processes running under the same host. By default, it runs in the main process.SDK initialization and component configuration must be in the same process. Please pay attention to the following points:
a) If you need to configure the Haotian SDK to run in other processes, please configure all the following components in the same process through the Android: process attribute.