I am not sure about how to use the ssl pinning plugin in flutter. when I am using it I am getting a platform exception saying that the fingerprints doesn't match. is it the sha 1 or sha 256 of the project that we want to provide or the sha of the server we want to provide, and what to pass in the header section while calling the method (SslPinningPlugin.check()).
here is the function I wrote for ssl pinning
Future<bool> _verifySSlCertificate(String url) async {
// return true;
try {
if (!url.contains(serverURl)) {
debugPrint('Overriding SSL Pinning, url is different ::: ' + url);
return true;
}
Codec<String, String> stringToBase64 = utf8.fuse(base64);
String decodedSha1 = stringToBase64.decode(sslFingerPrint);
String result = await SslPinningPlugin.check(
serverURL: url,
httpMethod: HttpMethod.Get,
headerHttp: {},
sha: SHA.SHA1,
allowedSHAFingerprints: [decodedSha1],
timeout: 50);
debugPrint('SSL Pinning result::: ' + result);
return result == 'CONNECTION_SECURE';
} catch (e) {
debugPrint(e.toString());
return false;
}
}
the success response would be a String "CONNECTION SECURE".
