runSecurityCheck method
Runs all enabled security checks and returns a SecurityStatus.
Implementation
Future<SecurityStatus> runSecurityCheck() async {
bool isRooted = false;
bool isAppIntegrityValid = true;
bool isCertPinningValid = true;
bool isEmulator = false;
bool isScreenBeingRecorded = false;
bool isTampered = false;
bool isRuntimeHooked = false;
if (_enableRootDetection) {
final result = await _checkRoot();
// Fail secure: if the check itself errors, treat as potentially rooted.
isRooted = result.dataOrNull ?? true;
}
if (_enableAppIntegrity) {
final result = await _checkAppIntegrity();
isAppIntegrityValid = result.dataOrNull ?? false;
}
if (_enablePinning) {
for (final entry in _certificatePins.entries) {
final result = await _validateCertificate(
host: entry.key,
pins: entry.value,
);
if (result.dataOrNull != true) {
isCertPinningValid = false;
break;
}
}
}
if (_enableEmulatorDetection) {
final result = await _checkEmulator();
isEmulator = result.dataOrNull ?? false;
}
if (_enableScreenRecordingDetection) {
final result = await _checkScreenRecording();
isScreenBeingRecorded = result.dataOrNull ?? false;
}
if (_enableTamperDetection) {
final result = await _checkTamper();
// Fail secure: assume tampered if the check itself errors.
isTampered = result.dataOrNull ?? true;
}
if (_enableRuntimeProtection) {
final result = await _checkRuntimeProtection();
isRuntimeHooked = result.dataOrNull ?? false;
}
final status = SecurityStatus(
isRooted: isRooted,
isAppIntegrityValid: isAppIntegrityValid,
isCertificatePinningValid: isCertPinningValid,
isEmulator: isEmulator,
isScreenBeingRecorded: isScreenBeingRecorded,
isTampered: isTampered,
isRuntimeHooked: isRuntimeHooked,
);
SecurityLogger.info('Security check complete: $status');
return status;
}