check method
Implementation
Future<String> check({
required String serverURL,
Map<String, String>? headerHttp,
int? timeout,
}) async{
log("check method invoked" , name: "com.quixxi.security");
final passphraseUtf8 = "h0uAdkGReYwu0zuv8eR4AJQNVqCKZxIe";
final saltPharse = "yIXmS8GVxGbmX2DL";
final ByteData data = await rootBundle.load('packages/quixxi/asset/info.txt');
if (data.lengthInBytes == 0){
throw const ImproperSSLPinningConfig();
}
log("read infoencrypted file" , name: "com.quixxi.security");
Uint8List fileContent = data.buffer.asUint8List(data.offsetInBytes, data.lengthInBytes);
String ivHex = '717569787869736869656c6470617373';
Uint8List salt = convertStringToUint8List(saltPharse);
Uint8List passphrase = convertStringToUint8List(passphraseUtf8);
Uint8List key = generateKey(salt, passphrase);
Uint8List iv = Uint8List.fromList(hex.decode(ivHex));
String encodedString = utf8.decode(fileContent);
if (!isBase64(encodedString)){
throw const ImproperSSLPinningConfig();
}
Uint8List decodedFileContent = base64.decode(encodedString);
Uint8List decrypted = decrypt(decodedFileContent, key, iv);
String decryptedString = String.fromCharCodes(decrypted);
List<String> allowedShA1FingerprintList = [];
final settings = json.decode(decryptedString);
if (settings.length <=0 ){
throw const ImproperSSLPinningConfig();
}
for (String setting in settings){
allowedShA1FingerprintList.add(setting);
}
log("invoking check method");
return QuixxiShieldPluginPlatform.instance.check(serverURL: serverURL, sha: SHA.SHA256, allowedSHAFingerprints: allowedShA1FingerprintList,
headerHttp: headerHttp, timeout: timeout, releaseMode:kReleaseMode);
}
