flutter_certificate_pinning 1.0.1

Flutter certificate pining for Dio package

flutter_certificate_pinning

HTTPS certificate verification or public key pinning for Dio.

How to use

• Get SHA256 Certificate Fingerprint from Unit Test

flutter test test/flutter_certificate_pinning_test.dart

Output

ExpiredAt: Dec 11 08:19:25 2023 GMT
Fingerprints: [b235f7c569490f2b2b861d2237e303337fe45a80ffec55dc140abda69e843d51]

• SHA256 Certificate Fingerprint

class Sha256CertificateFingerprint extends CertificateFingerprint {
  @override
  Future<List<String>> fingerprints() async {
    return [
      // ExpiredAt: Dec 11 08:19:25 2023 GMT
      'b235f7c569490f2b2b861d2237e303337fe45a80ffec55dc140abda69e843d51',
    ];
  }
}

• Custom Validator

class SelfCustomValidator implements CustomValidator {
  @override
  bool validate(X509Certificate cert, String host, int port) {
    final hostMatches = _validateHost(host);
    return hostMatches;
  }

  bool _validateHost(String host) {
    return 'google.com' == host;
  }
}

• Certificate Trusted Configuration (Optional)

class LocalCertificateTrustedConfiguration implements CertificateTrustedConfiguration {
  @override
  List<List<int>> certificates() {
    // Certificate bytes
    return [];
  }
}

• Using

final certificateTrustedConfiguration = LocalCertificateTrustedConfiguration();
final sha256CertificateFingerprint = Sha256CertificateFingerprint();
final selfCustomValidator = SelfCustomValidator();
final certificateValidator = SelfCertificateValidator(selfCustomValidator);
final securityHttpClientCreator = SecurityHttpClientCreator(
  certificateValidator,
  certificateTrustedConfiguration: certificateTrustedConfiguration,
);
final httpsCertificateVerification = HttpsCertificateVerification(
  securityHttpClientCreator,
  certificateValidator,
  sha256CertificateFingerprint,
);
final dio = Dio();
httpsCertificateVerification.config(dio);