I'm developing an application using ChopperClient. To improve application security I want to do certificate pinning by using http_certificate_pinning library.
What I've tried: I try using HttpCertificatePinning.check as suggested in the library's official guide. The serverURL is my mock api url. When I run the application, the application crashed and exited. When I change the url to https://www.google.com/ the application is not crash and the result is returned as false.
Does anyone have experience using Chopper with this library? How should I do certificate pinning with this library?
Future<bool> myCustomImplementation(String url, Map<String, String> headers,
List<String> allowedSHAFingerprints) async {
try {
final String secure = await HttpCertificatePinning.check(
serverURL: url, //mock api url
headerHttp: headers, //mock headers
sha: SHA.SHA256,
allowedSHAFingerprints: allowedSHAFingerprints, //mock fingerprints
timeout: 100);
if (secure.contains("CONNECTION_SECURE")) {
return true;
} else {
return false;
}
} catch (e) {
return false;
}
}
