runSecurityCheck method
Runs all enabled security checks and returns a SecurityStatus.
Implementation
Future<SecurityStatus> runSecurityCheck() async {
bool isRooted = false;
bool isAppIntegrityValid = true;
bool isCertPinningValid = true;
if (_enableRootDetection) {
final result = await _checkRoot();
// Fail secure: if the check itself errors, treat as potentially rooted.
isRooted = result.dataOrNull ?? true;
}
if (_enableAppIntegrity) {
final result = await _checkAppIntegrity();
isAppIntegrityValid = result.dataOrNull ?? false;
}
if (_enablePinning) {
for (final entry in _certificatePins.entries) {
final result = await _validateCertificate(
host: entry.key,
pins: entry.value,
);
if (result.dataOrNull != true) {
isCertPinningValid = false;
break;
}
}
}
final status = SecurityStatus(
isRooted: isRooted,
isAppIntegrityValid: isAppIntegrityValid,
isCertificatePinningValid: isCertPinningValid,
);
SecurityLogger.info('Security check complete: $status');
return status;
}