smart_dev_pinning_plugin 2.1.0

This plugin creates a secure native TLS connection to execute HTTP requests with certificate pinning.

Smart Dev Pinning Plugin

This plugin creates a secure native TLS connection to execute HTTP requests with certificate pinning. It supports both public key pinning and leaf certificate pinning for enhanced security.

Features

• 🔐 SSL Certificate Pinning (Public Key & Leaf Certificate)
• 🚀 Native performance with FFI implementation
• 📊 Built-in performance benchmarking
• 🎯 Type-safe pinning method selection
• 📱 Cross-platform support (Android & iOS)

Requirements

• Flutter 3.3.0 or higher
• Dart SDK 3.7.2 or higher
• Compatible with Android and iOS

Installation

Add the dependency to your pubspec.yaml:

dependencies:
  smart_dev_pinning_plugin: ^1.0.0

Then run:

flutter pub get

How to use

Pinning Methods

This plugin supports two types of certificate pinning:

1. Public Key Pinning (PinningMethod.publicKey): Pins against the server's public key
2. Leaf Certificate Pinning (PinningMethod.certificate): Pins against the entire leaf certificate

Generate certificate hash

You need to generate a certificate hash depending on the pinning method you want to use.

For Public Key Pinning

Extract the public key hash using OpenSSL:

# Method 1: Direct public key extraction
openssl s_client -connect <HOST>:443 -servername <HOST> </dev/null 2>/dev/null \
  | openssl x509 -pubkey -noout \
  | openssl pkey -pubin -outform DER \
  | openssl dgst -sha256 -binary \
  | openssl base64

For Leaf Certificate Pinning

Extract the certificate hash:

# Get the leaf certificate hash
openssl s_client -connect <HOST>:443 -servername <HOST> 2>/dev/null \
  | openssl x509 -outform DER \
  | openssl dgst -sha256 -binary \
  | openssl base64

Use the Client

import 'package:smart_dev_pinning_plugin/smart_dev_pinning_plugin.dart';

final client = SecureClient();

// Using Public Key Pinning
final requestResponse = await client.httpRequest(
  certificateHash: "/UzJAZYxLBnEpBwXAcmd4WHi7f8aYgfMExGnoyp5B04=",
  method: 'GET',
  url: 'https://jsonplaceholder.typicode.com/posts/1',
  headers: {'Content-type': 'application/json; charset=UTF-8'},
  pinningMethod: PinningMethod.publicKey, // Required parameter
);

// Using Certificate Pinning
final requestResponseCert = await client.httpRequest(
  certificateHash: "YOUR_CERTIFICATE_HASH_HERE",
  method: 'GET',
  url: 'https://yourapi.com/endpoint',
  headers: {'Content-type': 'application/json; charset=UTF-8'},
  pinningMethod: PinningMethod.certificate, // Required parameter
);

print(requestResponse);
);
print(requestResponse);

Performance Benchmarking

The plugin includes a built-in benchmarking tool to measure the performance impact of SSL pinning:

// The example app includes a comprehensive benchmark that compares:
// - Standard HTTP requests vs SSL Pinned requests
// - Response times, throughput, and statistical analysis
// - Visual performance comparison with detailed metrics

API Reference

SecureClient

Main class for making secure HTTP requests with certificate pinning.

Methods

httpRequest()

Makes an HTTP request with certificate pinning.

Parameters:

• certificateHash (String): Base64-encoded certificate or public key hash
• method (String): HTTP method ('GET', 'POST', 'PUT', 'DELETE', etc.)
• url (String): Target URL
• headers (Map<String, String>): HTTP headers
• pinningMethod (PinningMethod): Type of pinning to use
• body (String, optional): Request body for POST/PUT requests
• encoding (String, optional): Character encoding (default: 'utf-8')

Returns: Future<String> - Response body

PinningMethod Enum

Defines the type of certificate pinning to use:

• PinningMethod.publicKey: Pin against the server's public key
• PinningMethod.certificate: Pin against the leaf certificate

Example

See the example/ directory for a complete Flutter app using this plugin, including:

• Interactive SSL pinning testing
• Performance benchmarking tools
• Visual comparison between standard and secure clients
• Real-time performance metrics and analysis

Platform Support

• Android
• iOS

License

See LICENSE for details.