connect_secure 1.0.1 copy "connect_secure: ^1.0.1" to clipboard
connect_secure: ^1.0.1 copied to clipboard

Published 2 days ago
SDKFlutter
PlatformAndroidiOSLinuxmacOSWindows
β†’

Metadata

Production-ready SSL pinning for Dart/Flutter with Dio, http (IOClient) and dart:io. Protects against MITM attacks with SHA-256 certificate fingerprint validation.

More...

example/lib/main.dart

import 'dart:convert';
import 'package:connect_secure/connect_secure.dart';
import 'package:dio/dio.dart';

Future<void> main() async {
  //  Allowed certificate fingerprints (dummy example)
  //  In production, use real certificate fingerprints from your server
  final allowedFingerprints = [
    "A1:B2:C3:D4:E5:F6:12:34:56:78:9A:BC:DE:F0:12:34:56:78:90:AB:CD:EF:12:34:56:78:90:AB:CD:EF:12:34:56"
  ];

  print("πŸ”’ Connect Secure - SSL Pinning Demo");
  print("=====================================\n");

  // =============================
  // Example 1: Using SecureHttpClient
  // =============================
  print("1️⃣ Testing SecureHttpClient...");
  try {
    final client = SecureHttpClient(allowedFingerprints: allowedFingerprints);
    final response = await client.get(Uri.parse("https://example.com"));
    final responseBody = await response.transform(utf8.decoder).join();
    print("βœ… SecureHttpClient response received");
    print("Status: ${response.statusCode}");
    print("Body length: ${responseBody.length} characters\n");
  } on SslPinningException catch (e) {
    print("❌ SSL Pinning failed:");
    print("   Message: ${e.message}");
    print("   Host: ${e.host}");
    print("   Rejected fingerprint: ${e.rejectedFingerprint}");
    print("   Allowed fingerprints: ${e.allowedFingerprints}\n");
  } catch (e) {
    print("❌ Other error: $e\n");
  }

  // =============================
  // Example 2: Using Dio + SSL Pinning
  // =============================
  print("2️⃣ Testing Dio with SSL Pinning...");
  final dio = Dio();
  dio.httpClientAdapter = DioSslPinning(
    allowedFingerprints: allowedFingerprints,
    fingerprintsByHost: {
      'example.com': [
        'A1 B2 C3 D4 E5 F6 12 34 56 78 9A BC DE F0 12 34 56 78 90 AB CD EF 12 34 56 78 90 AB CD EF 12 34 56',
      ],
    },
  );

  try {
    final dioResponse = await dio.get("https://example.com");
    print("βœ… Dio response received");
    print("Status: ${dioResponse.statusCode}");
    print("Data type: ${dioResponse.data.runtimeType}\n");
  } on SslPinningException catch (e) {
    print("❌ SSL Pinning failed:");
    print("   Message: ${e.message}");
    print("   Host: ${e.host}");
    print("   Rejected fingerprint: ${e.rejectedFingerprint}");
    print("   Allowed fingerprints: ${e.allowedFingerprints}\n");
  } catch (e) {
    print("❌ Other error: $e\n");
  }

  // =============================
  // Example 3: Using http (IOClient) + SSL Pinning
  // =============================
  print("3️⃣ Testing http IOClient with SSL Pinning...");
  final ioClient = createPinnedHttpClient(
    allowedFingerprints: allowedFingerprints,
    fingerprintsByHost: {
      'example.com': [
        'A1 B2 C3 D4 E5 F6 12 34 56 78 9A BC DE F0 12 34 56 78 90 AB CD EF 12 34 56 78 90 AB CD EF 12 34 56',
      ],
    },
  );

  try {
    final httpResponse = await ioClient.get(Uri.parse('https://example.com'));
    print("βœ… http IOClient response received");
    print("Status: ${httpResponse.statusCode}");
    print("Headers: ${httpResponse.headers.length} headers\n");
  } on SslPinningException catch (e) {
    print("❌ SSL Pinning failed:");
    print("   Message: ${e.message}");
    print("   Host: ${e.host}");
    print("   Rejected fingerprint: ${e.rejectedFingerprint}");
    print("   Allowed fingerprints: ${e.allowedFingerprints}\n");
  } catch (e) {
    print("❌ Other error: $e\n");
  }

  // =============================
  // Example 4: Demonstrating fingerprint normalization
  // =============================
  print("4️⃣ Demonstrating fingerprint normalization...");
  final testFingerprints = [
    "A1:B2:C3:D4:E5:F6", // Colon-separated
    "A1 B2 C3 D4 E5 F6", // Space-separated
    "a1b2c3d4e5f6", // Continuous hex
  ];

  for (final fp in testFingerprints) {
    final normalized = SslPinningUtils.normalizeFingerprint(fp);
    print("   '$fp' -> '$normalized'");
  }
  print(
      "   All normalize to the same value: ${testFingerprints.map(SslPinningUtils.normalizeFingerprint).toSet().length == 1}\n");

  print("πŸŽ‰ Demo completed!");
  print("\nπŸ’‘ Note: These examples use dummy fingerprints.");
  print(
      "   In production, replace with real certificate fingerprints from your server.");
  print("   Use the commands in the README to obtain actual fingerprints.");
  print("");
  print("πŸ”§ New Features Available:");
  print("   β€’ Certificate discovery and fingerprint extraction");
  print("   β€’ Real-time certificate health monitoring");
  print("   β€’ Certificate validation and rotation");
  print("   β€’ CLI tools for automated management");
  print("");
  print("πŸ“š See certificate_lifecycle_example.dart for advanced features!");
}

← Metadata

7
likes
160
points
250
downloads

Publisher

unverified uploader

Weekly Downloads

Metadata

Production-ready SSL pinning for Dart/Flutter with Dio, http (IOClient) and dart:io. Protects against MITM attacks with SHA-256 certificate fingerprint validation.

Repository (GitLab)
View/report issues

Topics

#security #networking #ssl #certificate-pinning #mitm-protection

Documentation

Documentation
API reference

License

MIT (license)

Dependencies

crypto, dio, http

More

Packages that depend on connect_secure

Back