JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 155
  • Score
    100M100P100Q88847F
  • License MIT

Check/pin SSL certificates

Package Exports

  • capacitor-ssl-pinning
  • capacitor-ssl-pinning/dist/esm/index.js
  • capacitor-ssl-pinning/dist/plugin.cjs.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (capacitor-ssl-pinning) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

Capacitor SSL Pinning

Ionic Capacitor Plugin to perform SSL checking/pinning. Will soon be published to npm.

Install

git clone https://github.com/mchl18/Capacitor-SSL-Pinning
cd Capacitor-SSL-Pinning
npm install
npm run build
cd /root/of/your/ionic/project
npm install /path/to/cloned/Capacitor-SSL-Pinning
npx cap sync

Obtain fingerprint

via website

via command line

API

checkCertificate(...)

checkCertificate(options: SSLCertificateCheckerOptions) => Promise<SSLCertificateCheckerResult>
Param Type
options SSLCertificateCheckerOptions

Returns: Promise<SSLCertificateCheckerResult>

Type Aliases

SSLCertificateCheckerResult

{ /** * The subject of the certificate * @platform Android / subject?: string; /* * The issuer of the certificate * @platform Android / issuer?: string; /* * The valid from date of the certificate * @platform Android / validFrom?: string; /* * The valid to date of the certificate * @platform Android / validTo?: string; /* * The fingerprint of the certificate * @platform Android / fingerprint?: string; /* * Whether the fingerprint matches the expected fingerprint */ fingerprintMatched: boolean; } | { error: string; }

SSLCertificateCheckerOptions

{ url: string; fingerprint: string; }

Usage

SSLCertificateChecker.checkCertificate({
    url: 'https://example.com', // replace with your server url
    fingerprint: '50:4B:A1:B5:48:96:71:F3:9F:87:7E:0A:09:FD:3E:1B:C0:4F:AA:9F:FC:83:3E:A9:3A:00:78:88:F8:BA:60:26' // replace with your server fingerprint
}).then((res) => {
    console.log(res.fingerprintMatched);
})

Example Interceptor:

// src/app/interceptors/ssl-pinning.interceptor.ts

import { Injectable } from '@angular/core';
import {
  HttpRequest,
  HttpHandler,
  HttpEvent,
  HttpInterceptor,
} from '@angular/common/http';
import { from, Observable, switchMap, throwError } from 'rxjs';
import { SSLCertificateChecker } from 'certificate-checker';
import { environment } from 'src/environments/environment';

@Injectable()
export class SslPinningInterceptor implements HttpInterceptor {
  intercept(
    request: HttpRequest<any>,
    next: HttpHandler
  ): Observable<HttpEvent<any>> {
    return from(
      SSLCertificateChecker.checkCertificate({
        url: environment.baseUrl,
        fingerprint: environment.fingerprint,
      })
    ).pipe(
      switchMap((res) => {
        if (res.fingerprintMatched) {
          return next.handle(request);
        }
        return throwError(() => new Error('Fingerprint not matched'));
      })
    );
  }
}