1

I am not sure about how to use the ssl pinning plugin in flutter. when I am using it I am getting a platform exception saying that the fingerprints doesn't match. is it the sha 1 or sha 256 of the project that we want to provide or the sha of the server we want to provide, and what to pass in the header section while calling the method (SslPinningPlugin.check()).

here is the function I wrote for ssl pinning

Future<bool> _verifySSlCertificate(String url) async {
    // return true;
    try {
      if (!url.contains(serverURl)) {
        debugPrint('Overriding SSL Pinning, url is different ::: ' + url);
        return true;
      }
      Codec<String, String> stringToBase64 = utf8.fuse(base64);
      String decodedSha1 = stringToBase64.decode(sslFingerPrint);

      String result = await SslPinningPlugin.check(
          serverURL: url,
          httpMethod: HttpMethod.Get,
          headerHttp: {},
          sha: SHA.SHA1,
          allowedSHAFingerprints: [decodedSha1],
          timeout: 50);
      debugPrint('SSL Pinning result::: ' + result);
      return result == 'CONNECTION_SECURE';
    } catch (e) {
      debugPrint(e.toString());
      return false;
    }
  }

the success response would be a String "CONNECTION SECURE".

Improve this question
Related questions
141
MissingPluginException while using plugin for flutter
340
Flutter and google_sign_in plugin: PlatformException(sign_in_failed, com.google.android.gms.common.api.ApiException: 10: , null)
1
Extracting public key information from a PEM certificate
Load 5 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.